Mapping Suspected KEYPLUG Infrastructure: TLS Certificates, GhostWolf, and RedGolf/APT41 Activity

Author(s): Hunt.io
Organization: Hunt.io

Open article directly Open article on Archive.org

2026-03-17 ⋅ Hunt.io ⋅ Hunt.io
Iranian Botnet Exposed via Open Directory: 15-Node Relay Network and Active C2

2026-03-11 ⋅ Hunt.io ⋅ Hunt.io
Operation Roundish: Uncovering an APT28 Roundcube Toolkit Used Against Ukrainian Government Targets

2026-03-04 ⋅ Hunt.io ⋅ Hunt.io
Iranian APT Infrastructure in Focus: Mapping State-Aligned Clusters During Geopolitical Escalation

Propose Change Mapping Suspected KEYPLUG Infrastructure: TLS Certificates, GhostWolf, and RedGolf/APT41 Activity