Statements (33)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
cybercrime
|
| gptkbp:activeYearsStart |
2014
|
| gptkbp:alsoKnownAs |
Chafer
Remix Kitten |
| gptkbp:associatedWith |
Ministry of Intelligence and Security (MOIS)
|
| gptkbp:countryOfOrigin |
gptkb:Iran
|
| gptkbp:focusesOn |
cybercrime
|
| https://www.w3.org/2000/01/rdf-schema#label |
APT39
|
| gptkbp:mitreGroupId |
G0087
|
| gptkbp:monitors |
gptkb:FireEye
gptkb:MITRE_ATT&CK gptkb:Mandiant |
| gptkbp:notableBattle |
global credential harvesting campaigns
targeting Middle Eastern and Western organizations |
| gptkbp:operatedBy |
gptkb:Iranian_government
|
| gptkbp:status |
active
|
| gptkbp:target |
travel industry
telecommunications sector high-tech industries |
| gptkbp:technique |
credential harvesting
custom malware remote access tools spear phishing |
| gptkbp:usesMalware |
BLUETORCH
CacheMoney Cadelspy Hyperscrape POWRUNNER REDBALDKNIGHT SEAWEED SHELLCLOAK |
| gptkbp:bfsParent |
gptkb:Operation_Winnti
|
| gptkbp:bfsLayer |
7
|