Common Information
Type | Value |
---|---|
Value | APT34 - G0057 |
Category | Actor |
Type | Mitre-Intrusion-Set |
Misp Type | Cluster |
Description | APT34 is an Iranian cyber espionage group that has been active since at least 2014. The group has targeted a variety of industries, including financial, government, energy, chemical, and telecommunications, and has largely focused its operations within the Middle East. FireEye assesses that the group works on behalf of the Iranian government based on infrastructure details that contain references to Iran, use of Iranian infrastructure, and targeting that aligns with nation-state interests. APT34 loosely aligns with public reporting related to OilRig, but may not wholly align due to companies tracking threat groups in different ways. (Citation: FireEye APT34 Dec 2017) |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2023-06-21 | 23 | Investigating APT Groups' Attempts to Reuse Old Threat Indicators | ||
Details | Website | 2023-06-19 | 2 | BLACK HAT: HACKERS Unmasked | ||
Details | Website | 2023-06-07 | 4 | The Origin Story of the APT Turla, the Hunt for "The Snake" Malware, and Current Steps for Prevention | ||
Details | Website | 2023-06-05 | 13 | Iran Cyber Threat Overview | ||
Details | Website | 2023-05-30 | 1 | Exposed: The PowerExchange Backdoor Vulnerability in Microsoft Exchange Servers \| Threat Intelligence \| CloudSEK | ||
Details | Website | 2023-05-25 | 2 | New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government | ||
Details | Website | 2023-05-25 | 6 | Iranian Cybercriminals Targeting UAE Government Websites Traced with Backdoor Data | ||
Details | Website | 2023-05-24 | 8 | Vertical Target Series: Basic Materials and Government | ||
Details | Website | 2023-05-24 | 2 | New PowerExchange malware backdoors Microsoft Exchange servers | ||
Details | Website | 2023-05-22 | 106 | Security Incident Weekly Report 2023-05-22, Week 21 | ||
Details | Website | 2023-05-20 | 2 | The Underground History of Russia's Most Ingenious Hacker Group | ||
Details | Website | 2023-03-13 | 62 | Security Incident Weekly Report 2023-03-13, Week 11 | ||
Details | Website | 2023-03-07 | 3 | Threat Labs News Roundup: February 2023 | ||
Details | Website | 2023-02-16 | 5 | Threat Actors Sheets: OpenAI Generated ! | ||
Details | Website | 2023-02-06 | 94 | Collect, Exfiltrate, Sleep, Repeat - The DFIR Report | ||
Details | Website | 2023-02-03 | 2 | Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. Organizations | ||
Details | Website | 2023-02-03 | 1 | New Credential-Stealing Campaign By APT34 Targets Middle East Firms | ||
Details | Website | 2023-02-02 | 23 | New APT34 Malware Targets The Middle East | ||
Details | Website | 2023-02-02 | 27 | New APT34 Malware Targets The Middle East | ||
Details | Website | 2023-01-28 | 2 | The blurry boundaries between nation-state actors and the… \| Intel471 | ||
Details | Website | 2022-11-17 | 19 | Fielding Threats: Cyber, Influence, and Physical Threats to the 2022 FIFA World Cup in Qatar | ||
Details | Website | 2022-11-09 | 1 | Microsoft performance in 2022 MITRE Engenuity ATT&CK® Evaluations for Managed Services - Microsoft Security Blog | ||
Details | Website | 2022-09-10 | 7 | U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania | ||
Details | Website | 2022-09-09 | 2 | US Sanctions Iran Over APT Cyberattack Activity | ||
Details | Website | 2022-08-30 | 3 | HYPERSCRAPE Detection: Iranian Cyberespionage Group APT35 Uses a Custom Tool to Steal User Data - SOC Prime |