Unveiling the Tools and Techniques of APT34

SUMMARY :

OilRig, also known as APT34 and Helix Kitten, is a sophisticated state-sponsored threat actor believed to be aligned with Iranian interests. Active since 2016, the group primarily targets organizations in the Middle East, focusing on sectors such as government, technology, and energy. OilRig employs advanced tactics including spearphishing, custom malware like Helminth and QUADAGENT, and exploitation of zero-day vulnerabilities. The group's operations showcase their ability to adapt to changing cybersecurity landscapes, leveraging obfuscation techniques and scripting languages to evade detection. Recent campaigns have demonstrated OilRig's proficiency in exploiting critical vulnerabilities and harvesting credentials, highlighting the persistent threat they pose to targeted organizations.

OPENCTI LABELS :

stealhook,cve-2024-30088,apt34,helix kitten,quadagent


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Unveiling the Tools and Techniques of APT34