Threat Intelligence Report

EclecticIQ Fusion Center Report: Possible APT33 Return Adds to Uptick in Iranian Activity

In the same week as spotting fresh Intrusion Set: Greenbug activity, EclecticIQ analysts have observed a number of malware samples in the wild from fellow Iranian espionage group Intrusion Set: APT33.

Report from EclecticIQ Fusion Center, Wednesday 6 June 2018.

Key Findings:

A number of Malware Variant: TurnedUp 9118b4 samples were uploaded for the first time to VirusTotal on June 5th, 2018, likely by the same user, along with one sample of Tool Variant: ALFA webshell b48io0, previously tied to APT33 by FireEye.

APT33 is known to have a particular interest in the aerospace and petrochemical sectors, and the group's prior targeting extends beyond the Middle East to South Korea and the US.
