Helix Kitten: Difference between revisions
Content deleted Content added
refine category |
Reverting name to original page title. Tag: Reverted |
||
| Line 1: | Line 1: | ||
{{Infobox Organization |
{{Infobox Organization |
||
| name = |
| name = APT34 |
||
| native_name = بچه گربه هلیکس |
| native_name = بچه گربه هلیکس |
||
| native_name_lang = Persian |
| native_name_lang = Persian |
||
| Line 23: | Line 23: | ||
}} |
}} |
||
''' |
'''APT34''' (also known as OilRig by [[Palo Alto Networks]] and Helix Kitten by [[CrowdStrike]] is an Iranian hacking group. <ref name="Wired">{{cite magazine |magazine=[[Wired (magazine)|Wired]] |title=APT 34 Is an Iran-Linked Hacking Group That Probes Critical Infrastructure |url=https://www.wired.com/story/apt-34-iranian-hackers-critical-infrastructure-companies/ |archive-url=https://web.archive.org/web/20171210144943/https://www.wired.com/story/apt-34-iranian-hackers-critical-infrastructure-companies/ |archive-date=December 10, 2017 |first=Lily Hay |last=Newman |date=December 7, 2017}}</ref><ref name="FireEye">{{cite news |url=https://www.fireeye.com/blog/threat-research/2017/12/targeted-attack-in-middle-east-by-apt34.html |publisher=[[FireEye]] |title=New Targeted Attack in the Middle East by APT34, a Suspected Iranian Threat Group, Using CVE-2017-11882 Exploit |date=December 7, 2017 |archive-date=December 10, 2017 |archive-url=https://web.archive.org/web/20171210145601/https://www.fireeye.com/blog/threat-research/2017/12/targeted-attack-in-middle-east-by-apt34.html |first=Manish |last=Sardiwal |first2=Yogesh |last2=Londhe |first3=Nalani |last3=Fraser |first4=Nicholas |last4=Fraser |first5=Jaqueline |last5=O'Leary |first6=Vincent |last6=Cannon}}</ref> |
||
==History== |
==History== |
||
Revision as of 14:19, 15 January 2021
بچه گربه هلیکس | |
| Formation | c. 2004–2007[1] |
|---|---|
| Type | Advanced persistent threat |
| Purpose | Cyberespionage, cyberwarfare |
| Methods | Zero-days, spearphishing, malware |
Official language | Persian |
Formerly called | APT34 |
APT34 (also known as OilRig by Palo Alto Networks and Helix Kitten by CrowdStrike is an Iranian hacking group. [1][2]
History
The group has reportedly been active since at least 2014.[1] It has targeted many of the same organizations as Advanced Persistent Threat 33, according to John Hultquist.[1]
In April 2019, APT34's cyber-espionage tools' source code was leaked through Telegram.[3][4]
Targets
The group has reportedly targeted organizations in the financial, energy, telecommunications, and chemical industries, as well as critical infrastructure systems.[1]
Techniques
APT34 reportedly uses Microsoft Excel macros, PowerShell-based exploits and social engineering to gain access to its targets.[1]
References
- ^ a b c d e Newman, Lily Hay (December 7, 2017). "APT 34 Is an Iran-Linked Hacking Group That Probes Critical Infrastructure". Wired. Archived from the original on December 10, 2017.
- ^ Sardiwal, Manish; Londhe, Yogesh; Fraser, Nalani; Fraser, Nicholas; O'Leary, Jaqueline; Cannon, Vincent (December 7, 2017). "New Targeted Attack in the Middle East by APT34, a Suspected Iranian Threat Group, Using CVE-2017-11882 Exploit". FireEye. Archived from the original on December 10, 2017.
- ^ Catalin Cimpanu (April 17, 2019). "Source code of Iranian cyber-espionage tools leaked on Telegram; APT34 hacking tools and victim data leaked on a secretive Telegram channel since last month". Retrieved April 24, 2019.
- ^ https://www.cyberscoop.com/oilrig-leak-iran-telegram-helix-kitten/