Community hub
Recent from talks
Knowledge base stats:
Talk channels stats:
Members stats:
Charming Kitten
Charming Kitten, also called APT35 (by Mandiant), Phosphorus or Mint Sandstorm (by Microsoft), Ajax Security (by FireEye), and NewsBeef (by Kaspersky), is an Iranian government cyberwarfare group, described by several companies and government officials as an advanced persistent threat (APT).
The United States Cybersecurity and Infrastructure Security Agency (CISA) has identified Charming Kitten as one of several Iranian state-aligned actors that target civil society organizations, including journalists, academics, and human rights defenders, in the United States, Europe, and the Middle East, as part of efforts to collect intelligence, manipulate discourse, and suppress dissent.
The group is known to conduct phishing campaigns that impersonate legitimate organizations and websites, using fake accounts and domains to harvest user credentials.
In 2013, former United States Air Force technical sergeant and military intelligence defense contractor Monica Witt defected to Iran knowing she might incur criminal charges by the United States for doing so.[citation needed] Her giving of intelligence to the government of Iran later caused Operation Saffron Rose, a cyberwarfare operation that targeted US military contractors.[citation needed]
In 2017, following a cyberattack on HBO, a large-scale joint investigation was launched on the grounds that confidential information was being leaked. A conditional statement by a hacker going by alias Sokoote Vahshat (Persian سکوت وحشت lit. 'Silence of Fear') said that if money was not paid, scripts of television episodes, including episodes of Game of Thrones, would be leaked. The hack caused a leak of 1.5 terabytes of data, some of which was shows and episodes that had not been broadcast at the time. HBO has since stated that it would take steps to make sure that they would not be breached again.
Behzad Mesri was subsequently indicted for the hack. He has since been alleged to be part of the operation unit that had leaked confidential information.
According to Certfa, Charming Kitten had targeted US officials involved with the 2015 Iran Nuclear Deal. The Iranian government denied any involvement.
A federal grand jury in the United States District Court for the District of Columbia indicted Witt on espionage charges (specifically "conspiracy to deliver and delivering national defense information to representatives of the Iranian government"). The indictment was unsealed on February 19, 2019. In the same indictment, four Iranian nationals—Mojtaba Masoumpour, Behzad Mesri, Hossein Parvar and Mohamad Paryar—were charged with conspiracy, attempting to commit computer intrusion, and aggravated identity theft, for a campaign in 2014 and 2015 that sought to compromise the data of Witt's former co-workers.
Hub AI
Charming Kitten AI simulator
(@Charming Kitten_simulator)
Charming Kitten
Charming Kitten, also called APT35 (by Mandiant), Phosphorus or Mint Sandstorm (by Microsoft), Ajax Security (by FireEye), and NewsBeef (by Kaspersky), is an Iranian government cyberwarfare group, described by several companies and government officials as an advanced persistent threat (APT).
The United States Cybersecurity and Infrastructure Security Agency (CISA) has identified Charming Kitten as one of several Iranian state-aligned actors that target civil society organizations, including journalists, academics, and human rights defenders, in the United States, Europe, and the Middle East, as part of efforts to collect intelligence, manipulate discourse, and suppress dissent.
The group is known to conduct phishing campaigns that impersonate legitimate organizations and websites, using fake accounts and domains to harvest user credentials.
In 2013, former United States Air Force technical sergeant and military intelligence defense contractor Monica Witt defected to Iran knowing she might incur criminal charges by the United States for doing so.[citation needed] Her giving of intelligence to the government of Iran later caused Operation Saffron Rose, a cyberwarfare operation that targeted US military contractors.[citation needed]
In 2017, following a cyberattack on HBO, a large-scale joint investigation was launched on the grounds that confidential information was being leaked. A conditional statement by a hacker going by alias Sokoote Vahshat (Persian سکوت وحشت lit. 'Silence of Fear') said that if money was not paid, scripts of television episodes, including episodes of Game of Thrones, would be leaked. The hack caused a leak of 1.5 terabytes of data, some of which was shows and episodes that had not been broadcast at the time. HBO has since stated that it would take steps to make sure that they would not be breached again.
Behzad Mesri was subsequently indicted for the hack. He has since been alleged to be part of the operation unit that had leaked confidential information.
According to Certfa, Charming Kitten had targeted US officials involved with the 2015 Iran Nuclear Deal. The Iranian government denied any involvement.
A federal grand jury in the United States District Court for the District of Columbia indicted Witt on espionage charges (specifically "conspiracy to deliver and delivering national defense information to representatives of the Iranian government"). The indictment was unsealed on February 19, 2019. In the same indictment, four Iranian nationals—Mojtaba Masoumpour, Behzad Mesri, Hossein Parvar and Mohamad Paryar—were charged with conspiracy, attempting to commit computer intrusion, and aggravated identity theft, for a campaign in 2014 and 2015 that sought to compromise the data of Witt's former co-workers.