Statements (33)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:cybercrime
|
| gptkbp:activeYearsStart |
2014
|
| gptkbp:alsoKnownAs |
gptkb:Charming_Kitten
|
| gptkbp:associatedWith |
gptkb:Iranian_Revolutionary_Guard_Corps
|
| gptkbp:connectsTo |
gptkb:APT35
gptkb:Newscaster_Team Phosphorus |
| gptkbp:countryOfOrigin |
gptkb:Iran
|
| gptkbp:infrastructure |
malicious domains
spoofed login pages fake news websites |
| gptkbp:mainLanguage |
gptkb:Persian
|
| gptkbp:motive |
espionage
surveillance |
| gptkbp:notableOperation |
gptkb:Operation_Saffron_Rose
gptkb:Operation_Newscaster targeting Middle Eastern organizations targeting US and UK universities |
| gptkbp:operatedBy |
gptkb:Iranian_government
|
| gptkbp:target |
academics
journalists human rights activists government organizations dissidents |
| gptkbp:technique |
social engineering
spear phishing watering hole attacks |
| gptkbp:usesMalware |
phishing tools
credential harvesting tools PowerShell backdoors |
| gptkbp:bfsParent |
gptkb:Operation_Winnti
|
| gptkbp:bfsLayer |
7
|
| https://www.w3.org/2000/01/rdf-schema#label |
APT52
|