🇵🇸
AridViper
APT Group
Information theft and espionage
3 zero-day CVEs
ETDA ✓
Also Known As 21 names
Molerats
Grey Karkadann
TA402
Gaza Cyber Gang
UNC718
G0021
Gaza Hackers Team
Mantis
TAG-CT5
Desert Falcons
Aluminum Saratoga
Renegade Jackal
Two-tailed Scorpion
Extreme Jackal
MoleRATs
Desert Varnish
APT-C-23
APT C-23
Desert Falcon
ATK 89
Gaza Cybergang
Target Countries 37
United Arab Emirates
Afghanistan
Bahrain
Canada
Switzerland
Chile
China
Germany
Denmark
Algeria
Egypt
United Kingdom
Israel
India
Iraq
Islamic Republic of Iran
Jordan
Republic of Korea
Kuwait
Lebanon
Latvia
Libya
Morocco
Former Yugoslav Republic of Macedonia
New Zealand
Oman
Poland
Palestine
Qatar
Serbia
Saudi Arabia
Slovenia
Somalia
Syrian Arab Republic
Turkey
United States
Yemen
Sectors Targeted
Educational Services - 61
Computer Systems Design Services - 541512
Religious, Grantmaking, Civic, Professional, and Similar Organizations - 813
Data Processing, Hosting, and Related Services - 518
Mining, Quarrying, and Oil and Gas Extraction - 21
National Security and International Affairs - 928
Media
Embassies
Telecommunications - 517
Computer and Electronic Product Manufacturing - 334
Energy
High-Tech
Oil and gas
Periodical Publishers - 51112
Telecommunications
Government
Internet Publishing and Broadcasting and Web Search Portals - 51913
Computer Systems Design and Related Services - 54151
Commercial Banking - 52211
NAICS:44 - 44
Professional, Scientific, and Technical Services - 54
Space Research and Technology - 927
Data Processing, Hosting, and Related Services - 51821
Defense
journalists and software developers
National Security and International Affairs - 928110
Financial
Utilities - 22
Justice, Public Order, and Safety Activities - 922
Insurance Carriers and Related Activities - 524
Finance and Insurance - 52
Other Information Services - 519
Monetary Authorities-Central Bank - 521
Information - 51
Aerospace
Public Administration - 92
Grantmaking and Giving Services - 8132
Details
Origin
🇵🇸 PS
Last Updated
12 Jul 2024
Malware Families 6
extreme_rat
pierogi
brittle_bush
nimblemamba
molerat_loader
badpatch
MITRE ATT&CK 67
T1001 - Data Obfuscation
T1005 - Data from Local System
T1007 - System Service Discovery
T1016 - System Network Configuration Discovery
T1021
T1025
T1027 - Obfuscated Files or Information
T1027.015
T1033 - System Owner/User Discovery
T1036
T1038 - DLL Search Order Hijacking
T1049
T1053 - Scheduled Task/Job
T1053.001 - At (Linux)
T1053.002 - At (Windows)
T1053.003 - Cron
T1053.005 - Scheduled Task
T1053.006 - Systemd Timers
T1053.007 - Container Orchestration Job
T1055.001 - Dynamic-link Library Injection
T1055.002 - Portable Executable Injection
T1055.003 - Thread Execution Hijacking
T1055.004 - Asynchronous Procedure Call
T1055.008 - Ptrace System Calls
T1056
T1057 - Process Discovery
T1059 - Command and Scripting Interpreter
T1059.001 - PowerShell
T1059.005
T1059.007
T1065
T1068
T1071
T1071.001 - Web Protocols
T1082 - System Information Discovery
T1083 - File and Directory Discovery
T1087
T1095 - Non-Application Layer Protocol
T1102
T1105
T1106
T1113
T1123
T1135
T1140 - Deobfuscate/Decode Files or Information
T1189
T1192
T1204 - User Execution
T1204.001
T1204.002 - Malicious File
T1218 - Signed Binary Proxy Execution
T1218.007
T1218.011 - Rundll32
T1490 - Inhibit System Recovery
T1498 - Network Denial of Service
T1531
T1547
T1547.001 - Registry Run Keys / Startup Folder
T1553 - Subvert Trust Controls
T1553.002
T1555
T1555.003
T1562
T1562.001 - Disable or Modify Tools
T1566 - Phishing
T1566.001
T1566.002