Threat Intelligence Report

EclecticIQ Fusion Center Report: Possible APT33 Return Adds to Uptick in Iranian Activity (English)

In the same week as spotting fresh Intrusion Set: Greenbug activity, EclecticIQ analysts have observed a number of malware samples in the wild from fellow Iranian espionage group Intrusion Set: APT33.

Report from EclecticIQ Fusion Center from Wednesday 6 June 2018.

Key Findings:

  • A number of Malware Variant: TurnedUp 9118b4 samples were uploaded for the first time to VirusTotal on June 5th, 2018, likely by the same user, along with one sample of Tool Variant: ALFA webshell b48io0, previously tied to APT33 by FireEye.
  • APT33 is known to have a particular interest in the aerospace and petrochemical sectors and the group's prior targeting extends beyond the Middle East to South Korea and the US.


About EclecticIQ

EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.

EclecticIQ Fusion Center

EclecticIQ Fusion Center delivers thematic intelligence bundles, providing a single curated source of relevant CTI from leading suppliers, all in a single contract.