← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Iranian backed group steps up phishing campaigns against Israel, U.S.
WHITE APT42 AlienVault 2024-08-26 Modified: 2024-09-25
46
IOCs
MEDIUM VOLUME
An Iranian government-backed threat group known as APT42 has significantly intensified its phishing campaigns targeting high-profile individuals in Israel and the United States over the past six months. The group, associated with Iran's Islamic Revolutionary Guard Corps, has focused on current and former government officials, political campaigns, diplomats, think tanks, NGOs, and academic institutions involved in foreign policy discussions. APT42's activities demonstrate a concerted effort to rapidly shift its operational priorities in line with Iran's political and military objectives.
election targetingycollectionlcollectioniransocial engineeringdwpphishingcredential theftgcollection
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
GCollection LCollection YCollection DWP
Indicators of Compromise (5 / 46 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 157284a93f3c5f488f4559db3537daea 2024-08-26
FileHash-MD5 1cea34e748cc43cdc7724684cebf409f 2024-08-26
FileHash-MD5 39556dc87f9a24405e73e6dd46d34bc7 2024-08-26
FileHash-MD5 6c033c2cbeff71f7d17be4628c7e59f5 2024-08-26
FileHash-MD5 b6f02f67e2b5d2c81bc502d24258a1d5 2024-08-26
References (1)
↗ https://blog.google/threat-analysis-group/iranian-backed-group-steps-up-phishing-campaigns-against-israel-us/