
LYCEUM

APT Group Information theft and espionage ETDA ✓

Also Known As 8 names

COBALT LYCEUM, Chrono Kitten, HEXANE, MYSTICDOME, Spirlin, Storm-0133, UNC1530, siamesekitten

Target Countries 11


United Arab Emirates, Albania, Czech Republic, Egypt, Israel, Kuwait, Morocco, Saudi Arabia, Tunisia, United States, South Africa

Details

Origin: 🇮🇷 IR
Last Updated: 01 Jun 2022

Malware Families 6

lyceum_http_backdoor_dotnet
lyceum_http_backdoor_golang
zhmimikatz
unidentified_095
dustman
lyceum_dns_backdoor_dotnet

MITRE ATT&CK 94

T1003 T1003.001 T1008 T1010 T1016 T1016.001 T1018 T1021 T1021.001 T1021.002 T1027 T1027.010 T1030 T1033 T1036 T1036.005 T1041 T1046 T1047 T1049 T1053 T1053.005 T1056 T1056.001 T1057 T1059 T1059.001 T1059.003 T1059.005 T1069 T1069.001 T1071 T1078 T1078.001 T1082 T1087 T1087.003 T1095 T1098 T1098.002 T1102 T1102.002 T1105 T1106 T1110 T1110.003 T1114 T1114.002 T1127 T1134 T1134.001 T1190 T1193 T1199 T1204 T1204.002 T1219 T1486 T1505 T1505.003 T1518 T1534 T1546 T1546.003 T1553 T1555 T1555.003 T1561 T1561.002 T1562 T1562.001 T1562.002 T1566 T1567 T1567.002 T1570 T1583 T1583.001 T1583.002 T1585 T1585.001 T1585.002 T1586 T1586.002 T1587 T1588 T1588.002 T1588.003 T1589 T1589.002 T1591 T1591.004 T1608 T1608.001

Related Zero-Days

No zero-day CVE linked to this actor