IR

MalKamakMalKamak

Also known as: MalKamak

Origin
IR
Known aliases
1

Profile

MalKamak is an Iranian threat actor that has been operating since at least 2018. They have been involved in highly targeted cyber espionage campaigns against global aerospace and telecommunications companies. MalKamak utilizes a sophisticated remote access Trojan called ShellClient, which evades antivirus tools and uses cloud services like Dropbox for command and control.

Aliases· 1

MalKamak

References

  1. https://www.cybereason.com/blog/research/operation-ghostshell-novel-rat-targets-global-aerospace-and-telecoms-firms

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Gallmaker
Actor
Bahamut
Software
Makop
Actor
Madi
Actor
Molerats
Software
Blackshadow
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.