APT42

GPTKB entity

Statements (34)
Predicate Object
gptkbp:instanceOf cybercrime
gptkbp:activeYearsStart 2015
gptkbp:alsoKnownAs gptkb:Charming_Kitten, Phosphorus, TA453, Yellow Garuda
gptkbp:associatedWith gptkb:Islamic_Revolutionary_Guard_Corps
gptkbp:connectsTo gptkb:Iranian_government
gptkbp:countryOfOrigin gptkb:Iran
https://www.w3.org/2000/01/rdf-schema#label APT42
gptkbp:motive gptkb:intelligence_gathering, surveillance
gptkbp:notableBattle compromising email accounts, phishing campaigns against academics, targeting of Iranian diaspora
gptkbp:region global
gptkbp:reportsTo gptkb:Microsoft, gptkb:Mandiant, gptkb:Proofpoint
gptkbp:target gptkb:NGOs, Western countries, academics, government position, journalists, Middle Eastern countries, dissidents
gptkbp:technique credential harvesting, malware deployment, spear phishing
gptkbp:usesMalware custom malware, Android malware, PowerShell backdoors
gptkbp:bfsParent gptkb:Operation_Winnti
gptkbp:bfsLayer 7