Advanced Persistent Threat 34

From HandWiki

Advanced Persistent Threat 34 (APT34) is a hacker group identified by FireEye as Iranian.[1][2]

History

The group has reportedly been active since at least 2014.[1] It has targeted many of the same organizations as Advanced Persistent Threat 33, according to John Hultquist.[1]

Targets

The group has reportedly targeted organizations in the financial, energy, telecommunications, and chemical industries, as well as critical infrastructure systems.[1]

Techniques

APT34 reportedly uses Microsoft Excel macros, PowerShell-based exploits and social engineering to gain access to its targets.[1]

References

  1. 1.0 1.1 1.2 1.3 1.4 Newman, Lily Hay (December 7, 2017). "APT 34 Is an Iran-Linked Hacking Group That Probes Critical Infrastructure". Wired. https://www.wired.com/story/apt-34-iranian-hackers-critical-infrastructure-companies/. 
  2. Sardiwal, Manish; Londhe, Yogesh; Fraser, Nalani; Fraser, Nicholas; O'Leary, Jaqueline; Cannon, Vincent (December 7, 2017). "New Targeted Attack in the Middle East by APT34, a Suspected Iranian Threat Group, Using CVE-2017-11882 Exploit". FireEye. https://www.fireeye.com/blog/threat-research/2017/12/targeted-attack-in-middle-east-by-apt34.html. 




Retrieved from "https://handwiki.org/wiki/index.php?title=Advanced_Persistent_Threat_34&oldid=106594"