G0003

G0003Cleaver

Description

[Cleaver](https://attack.mitre.org/groups/G0003) is a threat group that has been attributed to Iranian actors and is responsible for activity tracked as Operation Cleaver. (Citation: Cylance Cleaver) Strong circumstantial evidence suggests Cleaver is linked to Threat Group 2889 (TG-2889). (Citation: Dell Threat Group 2889)

References

  1. https://attack.mitre.org/groups/G0003
  2. https://web.archive.org/web/20200302085133/https://www.cylance.com/content/dam/cylance/pages/operation-cleaver/Cylance_Operation_Cleaver_Report.pdf
  3. http://www.secureworks.com/cyber-threat-intelligence/threats/suspected-iran-based-hacker-group-creates-network-of-fake-linkedin-profiles/

Software attributed to this1

TypeTargetConfidenceTier
SoftwareTinyZBots000495%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Group
Leafminer
Group
Ke3chang
Group
Gallmaker
Group
OilRig
Actor
Shamoon Group
Group
Threat Group-3390
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.