Domestic Kitten: An Iranian Surveillance Operation
Overview
Chinese strategist Sun Tzu, Italian political philosopher Machiavelli and English philosopher Thomas Hobbes all justified deceit in war as a legitimate form of warfare. Preceding them all, however, were some in the Middle East who had already internalized and implemented this strategy to great effect, and continue to do so today.
Recent investigations by Check Point researchers reveal an extensive and targeted attack that has been taking place since 2016 and, until now, has remained under the radar due to the artful deception of its attackers towards their targets. Through the use of mobile applications, those behind the attack use fake decoy content to entice their victims to download such applications, which are in fact loaded with spyware, to then collect sensitive information about them. Interestingly, these targets include Kurdish and Turkish natives and ISIS supporters. Most interesting of all, though, is that all these targets are actually Iranian citizens.
Created: 2026-02-23
Indicators
No indicators were found.
Similar Pulses
Threat actors related to this Pulse (fact-based)
Score: 9.25
Matched TTPs:
- T1491.002 - External Defacement
- T1114 - Email Collection
- T1203 - Exploitation for Client Execution
Score: 13.60
Matched TTPs:
- T1491.002 - External Defacement
- T1106 - Native API
- T1593 - Search Open Websites/Domains
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
Score: 9.08
Matched TTPs:
- T1583.008 - Malvertising
- T1608.006 - SEO Poisoning
Score: 12.16
Matched TTPs:
- T1114 - Email Collection
- T1567 - Exfiltration Over Web Service
- T1102.002 - Bidirectional Communication
- T1566.003 - Spearphishing via Service
Score: 13.68
Matched TTPs:
- T1114 - Email Collection
- T1217 - Browser Information Discovery
- T1219.002 - Remote Desktop Software
- T1213.005 - Messaging Applications
Score: 13.15
Matched TTPs:
- T1106 - Native API
- T1203 - Exploitation for Client Execution
- T1001.003 - Protocol or Service Impersonation
- T1124 - System Time Discovery
- T1090.001 - Internal Proxy
Score: 18.07
Matched TTPs:
- T1106 - Native API
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
- T1001.003 - Protocol or Service Impersonation
- T1124 - System Time Discovery
- T1566.003 - Spearphishing via Service
- T1090.001 - Internal Proxy
Score: 5.44
Matched TTPs:
- T1106 - Native API
- T1055.012 - Process Hollowing
Score: 10.21
Matched TTPs:
- T1106 - Native API
- T1102.002 - Bidirectional Communication
- T1124 - System Time Discovery
- T1090.001 - Internal Proxy
Score: 8.16
Matched TTPs:
- T1106 - Native API
- T1217 - Browser Information Discovery
- T1124 - System Time Discovery
Score: 3.78
Matched TTPs:
- T1106 - Native API
- T1203 - Exploitation for Client Execution
Score: 3.78
Matched TTPs:
- T1106 - Native API
- T1203 - Exploitation for Client Execution
Score: 4.81
Matched TTPs:
- T1106 - Native API
- T1566.003 - Spearphishing via Service
Score: 5.44
Matched TTPs:
- T1106 - Native API
- T1055.012 - Process Hollowing
Score: 6.18
Matched TTPs:
- T1106 - Native API
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
Score: 4.68
Matched TTPs:
- T1106 - Native API
- T1102.002 - Bidirectional Communication
Score: 13.84
Matched TTPs:
- T1106 - Native API
- T1593 - Search Open Websites/Domains
- T1203 - Exploitation for Client Execution
- T1001.003 - Protocol or Service Impersonation
- T1219.002 - Remote Desktop Software
Score: 5.57
Matched TTPs:
- T1106 - Native API
- T1217 - Browser Information Discovery
Score: 20.34
Matched TTPs:
- T1567 - Exfiltration Over Web Service
- T1681 - Search Threat Vendor Data
- T1593 - Search Open Websites/Domains
- T1593.001 - Social Media
- T1219.002 - Remote Desktop Software
- T1566.003 - Spearphishing via Service
Score: 7.51
Matched TTPs:
- T1567 - Exfiltration Over Web Service
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
Score: 6.77
Matched TTPs:
- T1567 - Exfiltration Over Web Service
- T1055.012 - Process Hollowing
Score: 7.13
Matched TTPs:
- T1217 - Browser Information Discovery
- T1213.005 - Messaging Applications
Score: 12.09
Matched TTPs:
- T1217 - Browser Information Discovery
- T1593 - Search Open Websites/Domains
- T1124 - System Time Discovery
- T1090.001 - Internal Proxy
Score: 5.81
Matched TTPs:
- T1217 - Browser Information Discovery
- T1566.003 - Spearphishing via Service
Score: 8.22
Matched TTPs:
- T1681 - Search Threat Vendor Data
- T1203 - Exploitation for Client Execution
- T1124 - System Time Discovery
Score: 20.15
Matched TTPs:
- T1593.002 - Search Engines
- T1593 - Search Open Websites/Domains
- T1055.012 - Process Hollowing
- T1593.001 - Social Media
- T1102.002 - Bidirectional Communication
- T1219.002 - Remote Desktop Software
Score: 3.29
Matched TTPs:
- T1593 - Search Open Websites/Domains
Score: 4.65
Matched TTPs:
- T1055.012 - Process Hollowing
- T1203 - Exploitation for Client Execution
Score: 4.65
Matched TTPs:
- T1055.012 - Process Hollowing
- T1203 - Exploitation for Client Execution
Score: 3.15
Matched TTPs:
- T1055.012 - Process Hollowing
Score: 7.86
Matched TTPs:
- T1593.001 - Social Media
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
Score: 3.89
Matched TTPs:
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
Score: 5.33
Matched TTPs:
- T1102.002 - Bidirectional Communication
- T1090.001 - Internal Proxy
Score: 4.99
Matched TTPs:
- T1102.002 - Bidirectional Communication
- T1124 - System Time Discovery
Score: 3.89
Matched TTPs:
- T1102.002 - Bidirectional Communication
- T1203 - Exploitation for Client Execution
Score: 4.99
Matched TTPs:
- T1102.002 - Bidirectional Communication
- T1124 - System Time Discovery
Score: 4.09
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1124 - System Time Discovery
Score: 4.09
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1124 - System Time Discovery
Score: 4.02
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
Score: 4.09
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1124 - System Time Discovery
Score: 4.09
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1124 - System Time Discovery
Score: 8.55
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1137.004 - Outlook Home Page
- T1566.003 - Spearphishing via Service
Score: 5.45
Matched TTPs:
- T1219.002 - Remote Desktop Software
- T1566.003 - Spearphishing via Service
Score: 5.12
Matched TTPs:
- T1124 - System Time Discovery
- T1566.003 - Spearphishing via Service
Score: 3.84
Matched TTPs:
- T1213.005 - Messaging Applications
Threat actors related to this Pulse (inference-based)
Score: 0.80
Matched TTPs:
- T1593 - Search Open Websites/Domains
- T1593.001 - Social Media
- T1593.002 - Search Engines
- T1219.002 - Remote Desktop Software
- T1102.002 - Bidirectional Communication
- T1055.012 - Process Hollowing
Score: 0.78
Matched TTPs:
- T1566.003 - Spearphishing via Service
- T1593 - Search Open Websites/Domains
- T1567 - Exfiltration Over Web Service
- T1593.001 - Social Media
- T1681 - Search Threat Vendor Data
- T1219.002 - Remote Desktop Software
Score: 0.73
Matched TTPs:
- T1566.003 - Spearphishing via Service
- T1203 - Exploitation for Client Execution
- T1124 - System Time Discovery
- T1102.002 - Bidirectional Communication
- T1001.003 - Protocol or Service Impersonation
- T1106 - Native API
- T1090.001 - Internal Proxy
Score: 0.63
Matched TTPs:
- T1593 - Search Open Websites/Domains
- T1203 - Exploitation for Client Execution
- T1219.002 - Remote Desktop Software
- T1001.003 - Protocol or Service Impersonation
- T1106 - Native API
Score: 0.59
Matched TTPs:
- T1102.002 - Bidirectional Communication
- T1566.003 - Spearphishing via Service
- T1114 - Email Collection
- T1567 - Exfiltration Over Web Service
Score: 0.59
Matched TTPs:
- T1593 - Search Open Websites/Domains
- T1203 - Exploitation for Client Execution
- T1491.002 - External Defacement
- T1102.002 - Bidirectional Communication
- T1106 - Native API
Score: 0.57
Matched TTPs:
- T1217 - Browser Information Discovery
- T1213.005 - Messaging Applications
- T1114 - Email Collection
- T1219.002 - Remote Desktop Software
Score: 0.57
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1124 - System Time Discovery
- T1001.003 - Protocol or Service Impersonation
- T1106 - Native API
- T1090.001 - Internal Proxy
Related CVEs
No CVEs were found for this Pulse.