Threat Intelligence Report EclecticIQ Fusion Center Report: Possible APT33 Return Adds to Uptick in Iranian Activity (English)
In the same week as spotting fresh Intrusion Set: Greenbug activity, EclecticIQ analysts have observed a number of malware samples in the wild from fellow Iranian espionage group Intrusion Set: APT33.
Report from EclecticIQ Fusion Center from Wednesday 6 June 2018.
A number of Malware Variant: TurnedUp 9118b4 samples were uploaded for the first time to VirusTotal on June 5th, 2018, likely by the same user, along with one sample of Tool Variant: ALFA webshell b48io0, previously tied to APT33 by FireEye.
APT33 is known to have a particular interest in the aerospace and petrochemical sectors, and the group's prior targeting extends beyond the Middle East to South Korea and the US.