Jump to content

Helix Kitten

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Personisgaming (talk | contribs) at 00:55, 19 July 2019. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Helix (also known as APT34, OILRIG) is a hacker group identified by FireEye as Iranian.[1][2]

History

The group has reportedly been active since at least 2014.[1] It has targeted many of the same organizations as Advanced Persistent Threat 33, according to John Hultquist.[1]

In April 2019, APT34's cyber-espionage tools' source code was leaked through Telegram.[3]

Targets

The group has reportedly targeted organizations in the financial, energy, telecommunications, and chemical industries, as well as critical infrastructure systems.[1]

Techniques

APT34 reportedly uses Microsoft Excel macros, PowerShell-based exploits and social engineering to gain access to its targets.[1]

References

  1. ^ a b c d e Newman, Lily Hay (December 7, 2017). "APT 34 Is an Iran-Linked Hacking Group That Probes Critical Infrastructure". Wired. Archived from the original on December 10, 2017. {{cite news}}: Italic or bold markup not allowed in: |publisher= (help)
  2. ^ Sardiwal, Manish; Londhe, Yogesh; Fraser, Nalani; Fraser, Nicholas; O'Leary, Jaqueline; Cannon, Vincent (December 7, 2017). "New Targeted Attack in the Middle East by APT34, a Suspected Iranian Threat Group, Using CVE-2017-11882 Exploit". FireEye. Archived from the original on December 10, 2017.
  3. ^ Catalin Cimpanu (April 17, 2019). "Source code of Iranian cyber-espionage tools leaked on Telegram; APT34 hacking tools and victim data leaked on a secretive Telegram channel since last month". Retrieved April 24, 2019.
Retrieved from "https://en.wikipedia.org/enwiki/w/index.php?title=Helix_Kitten&oldid=906895504"