Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-04-07clearskysecClearSky Research Team
@techreport{team:20220407:exposing:bb56717, author = {ClearSky Research Team}, title = {{Exposing the Iranian EvilNominatus Ransomware}}, date = {2022-04-07}, institution = {clearskysec}, url = {https://www.clearskysec.com/wp-content/uploads/2022/04/EvilNominatus_Ransomware_7.4.22.pdf}, language = {English}, urldate = {2022-04-14} } Exposing the Iranian EvilNominatus Ransomware
2021-08-17ClearSkyClearSky Research Team
@online{team:20210817:new:b1c0eb5, author = {ClearSky Research Team}, title = {{New Iranian Espionage Campaign By “Siamesekitten” – Lyceum}}, date = {2021-08-17}, organization = {ClearSky}, url = {https://www.clearskysec.com/siamesekitten/}, language = {English}, urldate = {2022-02-17} } New Iranian Espionage Campaign By “Siamesekitten” – Lyceum
LYCEUM
2021-02-04ClearSkyClearSky Research Team
@techreport{team:20210204:conti:27cb3a2, author = {ClearSky Research Team}, title = {{CONTI Modus Operandi and Bitcoin Tracking}}, date = {2021-02-04}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2021/02/Conti-Ransomware.pdf}, language = {English}, urldate = {2021-02-06} } CONTI Modus Operandi and Bitcoin Tracking
Conti Ryuk
2021-01-28ClearSkyClearSky Research Team
@techreport{team:20210128:lebanese:94effe4, author = {ClearSky Research Team}, title = {{“Lebanese Cedar” APT Global Lebanese Espionage Campaign Leveraging Web Servers}}, date = {2021-01-28}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2021/01/Lebanese-Cedar-APT.pdf}, language = {English}, urldate = {2021-01-29} } “Lebanese Cedar” APT Global Lebanese Espionage Campaign Leveraging Web Servers
Volatile Cedar
2021-01-07ClearSkyClearSky Research Team
@online{team:20210107:operation:c3e2e28, author = {ClearSky Research Team}, title = {{Operation ‘Kremlin’}}, date = {2021-01-07}, organization = {ClearSky}, url = {https://www.clearskysec.com/operation-kremlin/}, language = {English}, urldate = {2021-01-11} } Operation ‘Kremlin’
Unidentified 002 (Operation Kremlin)
2020-12-17ClearSkyClearSky Research Team
@techreport{team:20201217:pay2kitten:2298e19, author = {ClearSky Research Team}, title = {{Pay2Kitten: Pay2Key Ransomware - A New Campaign by Fox Kitten}}, date = {2020-12-17}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2020/12/Pay2Kitten.pdf}, language = {English}, urldate = {2020-12-17} } Pay2Kitten: Pay2Key Ransomware - A New Campaign by Fox Kitten
Pay2Key
2020-08-27ClearSkyClearSky Research Team
@techreport{team:20200827:kittens:1d41d9a, author = {ClearSky Research Team}, title = {{The Kittens Are Back in Town 3: Charming Kitten Campaign Evolved and Deploying Spear-Phishing link by WhatsApp}}, date = {2020-08-27}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2020/08/The-Kittens-are-Back-in-Town-3.pdf}, language = {English}, urldate = {2020-08-31} } The Kittens Are Back in Town 3: Charming Kitten Campaign Evolved and Deploying Spear-Phishing link by WhatsApp
2020-08-13ClearSkyClearSky Research Team
@techreport{team:20200813:operation:429bf86, author = {ClearSky Research Team}, title = {{Operation ‘Dream Job’ Widespread North Korean Espionage Campaign}}, date = {2020-08-13}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2020/08/Dream-Job-Campaign.pdf}, language = {English}, urldate = {2023-09-07} } Operation ‘Dream Job’ Widespread North Korean Espionage Campaign
DRATzarus LPEClient NedDnLoader
2020-06-24ClearSkyClearSky Research Team
@techreport{team:20200624:cryptocore:c9dde67, author = {ClearSky Research Team}, title = {{CryptoCore: A Threat Actor Targeting Cryptocurrency Exchanges}}, date = {2020-06-24}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2020/06/CryptoCore_Group.pdf}, language = {English}, urldate = {2021-06-09} } CryptoCore: A Threat Actor Targeting Cryptocurrency Exchanges
CageyChameleon
2020-06-24ClearSkyClearSky Research Team
@online{team:20200624:cryptocore:16e4ad2, author = {ClearSky Research Team}, title = {{CryptoCore Group : A Threat Actor Targeting Cryptocurrency Exchanges}}, date = {2020-06-24}, organization = {ClearSky}, url = {https://www.clearskysec.com/cryptocore-group/}, language = {English}, urldate = {2021-06-21} } CryptoCore Group : A Threat Actor Targeting Cryptocurrency Exchanges
CageyChameleon
2020-02-16ClearSkyClearSky Research Team
@techreport{team:20200216:fox:23f1677, author = {ClearSky Research Team}, title = {{Fox Kitten Campaign: Widespread Iranian Espionage-Offensive Campaign}}, date = {2020-02-16}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2020/02/ClearSky-Fox-Kitten-Campaign.pdf}, language = {English}, urldate = {2020-04-20} } Fox Kitten Campaign: Widespread Iranian Espionage-Offensive Campaign
SSHNET Fox Kitten
2019-05ClearSkyClearSky Research Team
@techreport{team:201905:iranian:536dc45, author = {ClearSky Research Team}, title = {{Iranian Nation-State APT Groups 'Black Box' Leak}}, date = {2019-05}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2019/05/Iranian-Nation-State-APT-Leak-Analysis-and-Overview.pdf}, language = {English}, urldate = {2019-12-24} } Iranian Nation-State APT Groups 'Black Box' Leak
[Unnamed group]
2019-04-15ClearSkyClearSky Research Team
@online{team:20190415:iranian:5a7f4ff, author = {ClearSky Research Team}, title = {{Iranian APT MuddyWater Attack Infrastructure Targeting Kurdish Political Groups and Organizations in Turkey}}, date = {2019-04-15}, organization = {ClearSky}, url = {https://www.clearskysec.com/muddywater-targets-kurdish-groups-turkish-orgs/}, language = {English}, urldate = {2020-01-07} } Iranian APT MuddyWater Attack Infrastructure Targeting Kurdish Political Groups and Organizations in Turkey
POWERSTATS MuddyWater
2018-11-28ClearSkyClearSky Research Team
@online{team:20181128:muddywater:89a520f, author = {ClearSky Research Team}, title = {{MuddyWater Operations in Lebanon and Oman}}, date = {2018-11-28}, organization = {ClearSky}, url = {https://www.clearskysec.com/muddywater-operations-in-lebanon-and-oman/}, language = {English}, urldate = {2019-07-09} } MuddyWater Operations in Lebanon and Oman
POWERSTATS
2018-07-03ClearSkyClearSky Research Team
@online{team:20180703:infrastructure:139fa0f, author = {ClearSky Research Team}, title = {{Infrastructure and Samples of Hamas’ Android Malware Targeting Israeli Soldiers}}, date = {2018-07-03}, organization = {ClearSky}, url = {https://www.clearskysec.com/glancelove/}, language = {English}, urldate = {2019-10-15} } Infrastructure and Samples of Hamas’ Android Malware Targeting Israeli Soldiers
GlanceLove
2017-12-05ClearSky Research Team
@online{team:20171205:charming:064ca51, author = {ClearSky Research Team}, title = {{Charming Kitten: Iranian Cyber Espionage Against Human Rights Activists, Academic Researchers and Media Outlets}}, date = {2017-12-05}, url = {http://www.clearskysec.com/charmingkitten/}, language = {English}, urldate = {2019-12-17} } Charming Kitten: Iranian Cyber Espionage Against Human Rights Activists, Academic Researchers and Media Outlets
DownPaper
2017-12ClearSkyClearSky Research Team
@techreport{team:201712:charming:49a8e0c, author = {ClearSky Research Team}, title = {{Charming Kitten}}, date = {2017-12}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2017/12/Charming_Kitten_2017.pdf}, language = {English}, urldate = {2019-12-04} } Charming Kitten
DownPaper Charming Kitten
2017-10-24ClearSkyClearSky Research Team
@online{team:20171024:iranian:f9fddd8, author = {ClearSky Research Team}, title = {{Iranian Threat Agent Greenbug Impersonates Israeli High-Tech and Cyber Security Companies}}, date = {2017-10-24}, organization = {ClearSky}, url = {http://www.clearskysec.com/greenbug/}, language = {English}, urldate = {2020-01-13} } Iranian Threat Agent Greenbug Impersonates Israeli High-Tech and Cyber Security Companies
ISMDoor
2017-10-24ClearSkyClearSky Research Team
@online{team:20171024:iranian:44f6acc, author = {ClearSky Research Team}, title = {{Iranian Threat Agent Greenbug Impersonates Israeli High-Tech and Cyber Security Companies}}, date = {2017-10-24}, organization = {ClearSky}, url = {https://www.clearskysec.com/greenbug/}, language = {English}, urldate = {2019-12-02} } Iranian Threat Agent Greenbug Impersonates Israeli High-Tech and Cyber Security Companies
Greenbug
2017-08-28ClearSkyClearSky Research Team
@online{team:20170828:recent:fab1e53, author = {ClearSky Research Team}, title = {{Recent ISMAgent Samples and Infrastructure by Iranian Threat Group GreenBug}}, date = {2017-08-28}, organization = {ClearSky}, url = {http://www.clearskysec.com/ismagent/}, language = {English}, urldate = {2019-12-19} } Recent ISMAgent Samples and Infrastructure by Iranian Threat Group GreenBug
ISMAgent