🇮🇷
HomeLand Justice
APT Group
Sabotage and destruction
6 zero-day CVEs
ETDA ✓
Also Known As
No alias recordedTarget Countries 7
Countries highlighted in red
Albania
Germany
France
Israel
Romania
United States
South Africa
Sectors Targeted
Construction
23
Grantmaking and Giving Services
8132
Telecommunications
517
Data Processing, Hosting, and Related Services
51821
NAICS:31
31
National Security and International Affairs
9281
Air Transportation
481
National Security and International Affairs
928
Motion Picture and Video Production
51211
Public Administration
92
Details
Origin
🇮🇷 IR
Last Updated
13 Apr 2026
MITRE ATT&CK 52
T1001 - Data Obfuscation
T1012 - Query Registry
T1016 - System Network Configuration Discovery
T1020 - Automated Exfiltration
T1027 - Obfuscated Files or Information
T1033 - System Owner/User Discovery
T1036 - Masquerading
T1046
T1055 - Process Injection
T1056 - Input Capture
T1057 - Process Discovery
T1059
T1059.003 - Windows Command Shell
T1059.005 - Visual Basic
T1059.007 - JavaScript
T1071 - Application Layer Protocol
T1071.001 - Web Protocols
T1078.003
T1082 - System Information Discovery
T1083 - File and Directory Discovery
T1090 - Proxy
T1095
T1102 - Web Service
T1105 - Ingress Tool Transfer
T1106 - Native API
T1112 - Modify Registry
T1132 - Data Encoding
T1132.001 - Standard Encoding
T1137 - Office Application Startup
T1140 - Deobfuscate/Decode Files or Information
T1190
T1195 - Supply Chain Compromise
T1199 - Trusted Relationship
T1204.002 - Malicious File
T1496
T1530 - Data from Cloud Storage Object
T1547.001 - Registry Run Keys / Startup Folder
T1552 - Unsecured Credentials
T1552.001 - Credentials In Files
T1562 - Impair Defenses
T1566 - Phishing
T1566.001 - Spearphishing Attachment
T1568 - Dynamic Resolution
T1568.001 - Fast Flux DNS
T1573 - Encrypted Channel
T1573.002 - Asymmetric Cryptography
T1583 - Acquire Infrastructure
T1584 - Compromise Infrastructure
T1587 - Develop Capabilities
T1587.001
T1588 - Obtain Capabilities
T1608 - Stage Capabilities