|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:activeYearsStart
|
2014
|
|
gptkbp:alsoKnownAs
|
gptkb:Helix_Kitten
gptkb:OilRig
|
|
gptkbp:associatedWith
|
gptkb:Iranian_Ministry_of_Intelligence
gptkb:Iranian_government
|
|
gptkbp:connectsTo
|
gptkb:intelligence_gathering
cybercrime
cyber operations
data exfiltration
|
|
gptkbp:countryOfOrigin
|
gptkb:Iran
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
APT34
|
|
gptkbp:mainLanguage
|
gptkb:Persian
English
|
|
gptkbp:notableEvent
|
2019 leak of tools and data
|
|
gptkbp:region
|
gptkb:Asia
gptkb:Europe
gptkb:Middle_East
gptkb:North_Africa
gptkb:United_States
|
|
gptkbp:reportsTo
|
gptkb:Microsoft
gptkb:Palo_Alto_Networks
gptkb:ClearSky_Security
gptkb:CrowdStrike
gptkb:FireEye
gptkb:Kaspersky_Lab
gptkb:Mandiant
gptkb:Symantec
gptkb:Secureworks
gptkb:Recorded_Future
|
|
gptkbp:target
|
gptkb:energy
gptkb:government
government organizations
critical infrastructure
telecommunications sector
chemical sector
|
|
gptkbp:technique
|
PowerShell scripts
credential harvesting
custom malware
spear phishing
watering hole attacks
web shells
|
|
gptkbp:usesMalware
|
gptkb:POWBAT
gptkb:QUADAGENT
gptkb:Dragon
gptkb:Agent_Injector
gptkb:DNSpionage
gptkb:ThreeDollars
gptkb:ValueVault
BondUpdater
Karkoff
|
|
gptkbp:bfsParent
|
gptkb:MuddyWater
|
|
gptkbp:bfsLayer
|
6
|