IR

TRACER KITTENTRACER KITTEN

Also known as: TRACER KITTEN

Origin
IR
Known aliases
1

Profile

In April 2020, Crowstrike Falcon OverWatch discovered Iran-based adversary TRACER KITTEN conducting malicious interactive activity against multiple hosts at a telecommunications company in the Europe, Middle East and Africa (EMEA) region. The actor was found operating under valid user accounts, using custom backdoors in combination with SSH tunnels for C2. The adversary leveraged their foothold to conduct a variety of reconnaissance activities, undertake credential harvesting and prepare for data exfiltration.

Aliases· 1

TRACER KITTEN

References

  1. https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020OverWatchNowheretoHide.pdf

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Fox Kitten
Actor
Flash Kitten
Actor
Ferocious Kitten
Actor
Domestic Kitten
Actor
BANISHED KITTEN
Actor
Clever Kitten
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.