APT44

GPTKB entity

Statements (49)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | cybercrime |
| gptkbp:activeYearsStart | 2014 |
| gptkbp:alsoKnownAs | gptkb:APT35 |
| | gptkb:Charming_Kitten |
| | Phosphorus |
| | Newscaster |
| gptkbp:connectsTo | gptkb:Iranian_government |
| gptkbp:countryOfOrigin | gptkb:Iran |
| gptkbp:enemyOf | malware |
| | phishing |
| | social engineering |
| | credential harvesting |
| https://www.w3.org/2000/01/rdf-schema#label | APT44 |
| gptkbp:listedOn | gptkb:Microsoft |
| | gptkb:US_Department_of_Justice |
| | gptkb:FireEye |
| | gptkb:Mandiant |
| gptkbp:mainLanguage | gptkb:Persian |
| gptkbp:motive | espionage |
| | surveillance |
| | information theft |
| gptkbp:notable_campaign | gptkb:Operation_Newscaster |
| | Spear-phishing against US and UK entities |
| gptkbp:notableVictim | gptkb:energy |
| | international organizations |
| | human rights activists |
| | technology companies |
| | US presidential campaigns |
| gptkbp:operatedBy | gptkb:Islamic_Revolutionary_Guard_Corps |
| gptkbp:region | gptkb:Asia |
| | gptkb:Europe |
| | gptkb:Middle_East |
| | gptkb:North_America |
| gptkbp:sanctionedBy | gptkb:US_Treasury_Department |
| gptkbp:target | gptkb:government |
| | gptkb:NGOs |
| | academics |
| | journalists |
| | government organizations |
| | dissidents |
| gptkbp:uses | custom malware |
| | open-source tools |
| | social media impersonation |
| gptkbp:usesMalware | Windows malware |
| | Android malware |
| | PowerShell backdoors |
| | macOS malware |
| gptkbp:bfsParent | gptkb:Operation_Winnti |
| gptkbp:bfsLayer | 7 |