Statements (33)
Predicate | Object |
---|---|
gptkbp:instanceOf |
cybercrime
|
gptkbp:activeYearsStart |
2014
|
gptkbp:alsoKnownAs |
gptkb:Charming_Kitten
|
gptkbp:associatedWith |
gptkb:Iranian_Revolutionary_Guard_Corps
|
gptkbp:connectsTo |
gptkb:APT35
gptkb:Newscaster_Team Phosphorus |
gptkbp:countryOfOrigin |
gptkb:Iran
|
https://www.w3.org/2000/01/rdf-schema#label |
APT52
|
gptkbp:infrastructure |
malicious domains
spoofed login pages fake news websites |
gptkbp:mainLanguage |
gptkb:Persian
|
gptkbp:motive |
espionage
surveillance |
gptkbp:notableOperation |
gptkb:Operation_Saffron_Rose
gptkb:Operation_Newscaster targeting Middle Eastern organizations targeting US and UK universities |
gptkbp:operatedBy |
gptkb:Iranian_government
|
gptkbp:target |
academics
journalists human rights activists government organizations dissidents |
gptkbp:technique |
social engineering
spear phishing watering hole attacks |
gptkbp:usesMalware |
phishing tools
credential harvesting tools PowerShell backdoors |
gptkbp:bfsParent |
gptkb:Operation_Winnti
|
gptkbp:bfsLayer |
7
|