بچه گربه هلیکس | |
Formation | c. 2004–2007 [1] |
---|---|
Type | Advanced persistent threat |
Purpose | Cyberespionage, cyberwarfare |
Methods | Zero-days, spearphishing, malware |
Official language | Persian |
Affiliations | APT33 |
Formerly called | APT34 |
Helix Kitten (also known as APT34 by FireEye, OILRIG, Crambus, Cobalt Gypsy, Hazel Sandstorm, [1] or EUROPIUM) [2] is a hacker group identified by CrowdStrike as Iranian. [3] [4]
The group has reportedly been active since at least 2014. [3] It has targeted many of the same organizations as Advanced Persistent Threat 33, according to John Hultquist. [3]
In April 2019, APT34's cyber-espionage tools' source code was leaked through Telegram. [5] [6]
The group has reportedly targeted organizations in the financial, energy, telecommunications, and chemical industries, as well as critical infrastructure systems. [3]
APT34 reportedly uses Microsoft Excel macros, PowerShell-based exploits and social engineering to gain access to its targets. [3]