The group has reportedly been active since at least 2014. In April 2019, the source code of APT34's cyber-espionage tools was leaked through Telegram.

IRN2, HELIX KITTEN, APT34: OilRig is a suspected Iranian threat group that has targeted Middle Eastern and international victims since at least 2014.

Less than a week after Microsoft issued a patch for CVE-2017-11882 on Nov. 14, 2017, FireEye observed an attacker using an exploit for the Microsoft Office vulnerability to target a government organization in the Middle East.

Among their goals, financial sector and inter-Korea related intelligence stand out as priorities among DPRK actors.

APT34 (also known as OilRig or Helix Kitten) is a cluster of Iranian government-backed cyber espionage activities that has been active since 2014.

OilRig APT Continues Its Ongoing Malware Evolution.

The group has targeted a variety of industries, including financial, government, energy, chemical, and telecommunications, and has largely focused its operations within the Middle East.

Iranian hacker group Pioneer Kitten is selling network access data for compromised companies' networks on underground forums.

OilRig Targets Middle Eastern Telecom Organization and Adds Novel C2 Channel with Steganography to Its Inventory. ... Crambus, Helix Kitten, TTP, Steganography, APT34, ZeroCleare, Malware Analysis, RDAT backdoor.

APT34 (aka OilRig, aka Helix Kitten) attacks Lebanon government entities with MailDropper implants. [1]

Helix Kitten (APT34) (Image: CrowdStrike). Allegiance: Iran; Active since: 2007; Best known for: the 2013 New York Dam hack, attacks on the Australian Parliament House in 2019. Contrary to the other countries in this list, Iran seems to be increasingly utilizing contract hackers to conduct the regime's offensive operations. [1] [2]

[1] It has targeted many of the same organizations as Advanced Persistent Threat 33, according to John Hultquist.

The experts believe that the attack was launched by the cyber-espionage group APT34 (aka OilRig or Helix Kitten). The group is known to target various international organizations, mainly in the Middle East.

We assess this activity was carried out by a suspected Iranian cyber espionage threat group, whom we refer to as APT34, using a custom PowerShell backdoor to achieve …

About Pioneer Kitten: Pioneer Kitten is an Iranian government-backed APT (Advanced Persistent Threat) group, also known as Fox Kitten or …

It is estimated to have been active since 2014 (although it is said to have been created around 2004) and its targets are very …

Helix (also known as APT34 by FireEye, OILRIG) is a hacker group identified by CrowdStrike as Iranian.

Very recently another custom malicious implant that seems to be related to APT34 (aka OilRig) has been uploaded to a major malware analysis platform.

APT34 Background: APT34 is an Iran-linked APT group that has been around since at least 2014. It has mainly targeted organizations in the financial, government, energy, telecoms and chemical sectors in the United States and Middle Eastern countries.

Despite diplomatic overtures, DPRK-based adversaries appear to have increased their activity this year.

Helix Kitten: This actor is of Iranian origin (in case that wasn't clear…) and is linked to a long history of cyber-espionage operations.

Clever Kitten; Helix Kitten (APT34); Pioneer Kitten; Refined Kitten (APT33). North Korean Adversaries.

APT34 (also known as OilRig and HelixKitten) is a suspected Iranian threat group that has targeted Middle Eastern and international victims since at least 2014.

The group has been exploiting vulnerabilities in enterprise VPNs and network equipment to breach corporate networks.