APT39

GPTKB entity

Statements (33)
Predicate Object
gptkbp:instanceOf cybercrime
gptkbp:activeYearsStart 2014
gptkbp:alsoKnownAs Chafer
    Remix Kitten
gptkbp:associatedWith Ministry of Intelligence and Security (MOIS)
gptkbp:countryOfOrigin gptkb:Iran
gptkbp:focusesOn cybercrime
https://www.w3.org/2000/01/rdf-schema#label APT39
gptkbp:mitreGroupId G0087
gptkbp:monitors gptkb:FireEye
    gptkb:MITRE_ATT&CK
    gptkb:Mandiant
gptkbp:notableBattle global credential harvesting campaigns
    targeting Middle Eastern and Western organizations
gptkbp:operatedBy gptkb:Iranian_government
gptkbp:status active
gptkbp:target travel industry
    telecommunications sector
    high-tech industries
gptkbp:technique credential harvesting
    custom malware
    remote access tools
    spear phishing
gptkbp:usesMalware BLUETORCH
    CacheMoney
    Cadelspy
    Hyperscrape
    POWRUNNER
    REDBALDKNIGHT
    SEAWEED
    SHELLCLOAK
gptkbp:bfsParent gptkb:Operation_Winnti
gptkbp:bfsLayer 7