|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:activeYearsStart
|
2014
|
|
gptkbp:alsoKnownAs
|
gptkb:Rocket_Kitten
|
|
gptkbp:associatedWith
|
gptkb:Iranian_Revolutionary_Guard_Corps
|
|
gptkbp:countryOfOrigin
|
gptkb:Iran
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
APT23
|
|
gptkbp:mainLanguage
|
gptkb:Farsi
|
|
gptkbp:motive
|
gptkb:intelligence_gathering
espionage
|
|
gptkbp:notableBattle
|
attacks on Middle Eastern governments
attacks on Israeli organizations
attacks on Western defense contractors
|
|
gptkbp:operatedBy
|
gptkb:Iranian_government
|
|
gptkbp:target
|
gptkb:energy
government organizations
defense sector
telecommunications sector
individual dissidents
|
|
gptkbp:usesCredentialHarvesting
|
yes
|
|
gptkbp:usesCustomMalware
|
yes
|
|
gptkbp:usesDocumentExploits
|
yes
|
|
gptkbp:usesMalware
|
gptkb:NetTraveler
gptkb:RocketMan
gptkb:DOWNPAPER
gptkb:GHOLE
|
|
gptkbp:usesPhishing
|
yes
|
|
gptkbp:usesRemoteAccessTools
|
yes
|
|
gptkbp:usesSocialEngineering
|
yes
|
|
gptkbp:usesSpearPhishing
|
yes
|
|
gptkbp:usesWateringHoleAttacks
|
yes
|
|
gptkbp:usesZeroDayExploits
|
yes
|
|
gptkbp:bfsParent
|
gptkb:Operation_Winnti
gptkb:Hacker
|
|
gptkbp:bfsLayer
|
7
|