Karkadann

Description

(Kaspersky) Karkadann is a threat actor that has been targeting government bodies and news outlets in the Middle East since at least October 2020. The threat actor leverages tailor-made malicious documents with embedded macros that trigger an infection chain, opening a URL in Internet Explorer. The minimal functionality present in the macros and the browser specification suggest that the threat actor might be exploiting a privilege-escalation vulnerability in Internet Explorer. Despite the small amount of evidence available for analysis in the Karkadann case, we were able to find several similarities to the Piwiks case, a watering-hole attack we discovered that targeted multiple prominent websites in the Middle East.

Names

Name	Name-Giver
Karkadann	Kaspersky

Country

Unknown

Motivation

Information theft and espionage

First Seen

2020

Observed Sectors

Observed Countries

Middle East

Information

https://securelist.com/apt-trends-report-q1-2021/101967/

Other Information

Uuid

d2b2b2d8-739f-4602-98e2-b53dfb24792e

Last Card Change

2021-05-16

Threat Intelligence Garden

Explorer

Karkadann

Karkadann

Description

Names

Country

Motivation

First Seen

Observed Sectors

Observed Countries

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks