Clever Kitten

Description

(CrowdStrike) Clever Kitten primarily targets global companies with strategic importance to countries that are contrary to Iranian interests.

Clever Kitten actors have a strong affinity for PHP server-side attacks to gain access; this is relatively unique amongst targeted attackers, who often favor targeting a specific individual at a specific organization using social engineering. Some attackers have moved to leveraging strategic web compromises. The reason for this is likely the availability of exploits against web browsers, which for a variety of reasons allow an attacker to bypass security features such as Data Execution Prevention (DEP) or Address Space Layout Randomization (ASLR).

Names

Name            Name-Giver
Clever Kitten   CrowdStrike
Group 41        Talos

Country

Motivation

  • Information theft and espionage

First Seen

2013

Observed Sectors

Tools

Information

Other Information

Uuid

937fc2ca-f7b3-4be7-ab2c-32b67bd7dac4

Last Card Change

2020-04-14