Common Information
| Type | Value |
|---|---|
| Value |
Charming Kitten - G0058 |
| Category | Actor |
| Type | Mitre-Enterprise-Attack-Intrusion-Set |
| Misp Type | Cluster |
| Description | Charming Kitten is an Iranian cyber espionage group that has been active since approximately 2014. They appear to focus on targeting individuals of interest to Iran who work in academic research, human rights, and media, with most victims having been located in Iran, the US, Israel, and the UK. Charming Kitten usually tries to access private email and Facebook accounts, and sometimes establishes a foothold on victim computers as a secondary objective. The group's TTPs overlap extensively with another group, Rocket Kitten, resulting in reporting that may not distinguish between the two groups' activities. (Citation: ClearSky Charming Kitten Dec 2017) |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2023-07-01 | 1 | Iranian Hackers Using POWERSTAR Backdoor in Targeted Espionage Attacks - RedPacket Security | ||
| Details | Website | 2023-06-30 | 1 | Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage Attacks | ||
| Details | Website | 2023-06-30 | 1 | Iran-Linked APT35 Targets Israeli Media With Upgraded Spear-Phishing Tools | ||
| Details | Website | 2023-06-30 | 1 | Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage Attacks - RedPacket Security | ||
| Details | Website | 2023-06-29 | 7 | From MuddyC3 to PhonyC2: Iran's MuddyWater Evolves with a New Cyber Weapon | ||
| Details | Website | 2023-06-29 | 7 | From MuddyC3 to PhonyC2: Iran's MuddyWater Evolves with a New Cyber Weapon | ||
| Details | Website | 2023-06-29 | 3 | Charming Kitten APT Group Uses Innovative Spear-phishing Methods | ||
| Details | Website | 2023-06-28 | 6 | Charming Kitten Updates POWERSTAR with an InterPlanetary Twist | ||
| Details | Website | 2023-06-28 | 6 | Charming Kitten Updates POWERSTAR with an InterPlanetary Twist | ||
| Details | Website | 2023-06-28 | 0 | Charming Kitten's POWERSTAR Malware Advances with Sophisticated Techniques | Cyware Hacker News | ||
| Details | Website | 2023-06-22 | 54 | 每周高级威胁情报解读(2023.06.22~06.29) | ||
| Details | Website | 2023-06-05 | 13 | Iran Cyber Threat Overview | ||
| Details | Website | 2023-05-26 | 8 | APT Groups: Leading Players of Cyber Threats | ||
| Details | Website | 2023-05-10 | 4 | State-Sponsored Threat Actors Exploiting PaperCut Vulnerabilities | ||
| Details | Website | 2023-05-09 | 3 | Microsoft: Iranian APTs Exploiting Recent PaperCut Vulnerability | ||
| Details | Website | 2023-05-08 | 42 | 安全事件周报 第17周 | ||
| Details | Website | 2023-05-02 | 0 | BellaCiao malware, the primary weapon of Charming Kitten | ||
| Details | Website | 2023-04-28 | 1 | 'BellaCiao' Showcases How Iran's Threat Groups Are Modernizing Their Malware | ||
| Details | Website | 2023-04-27 | 4 | Threat Actor Names Proliferate, Adding Confusion | ||
| Details | Website | 2023-04-27 | 47 | 每周高级威胁情报解读(2023.04.27~05.04) | ||
| Details | Website | 2023-04-26 | 2 | Charming Kitten's New BellaCiao Malware Discovered in Multi-Country Attacks | ||
| Details | Website | 2023-04-26 | 2 | Charming Kitten's New BellaCiao Malware Discovered in Multi-Country Attacks - RedPacket Security | ||
| Details | Website | 2023-04-26 | 49 | Unpacking BellaCiao: A Closer Look at Iran’s Latest Malware | ||
| Details | Website | 2023-04-26 | 46 | Unpacking BellaCiao: A Closer Look at Iran’s Latest Malware | ||
| Details | Website | 2023-04-25 | 2 | Iranian Hackers Launch Sophisticated Attacks Targeting Israel with PowerLess Backdoor |