G0130

G0130Ajax Security Team

Description

[Ajax Security Team](https://attack.mitre.org/groups/G0130) is a group that has been active since at least 2010 and believed to be operating out of Iran. By 2014 [Ajax Security Team](https://attack.mitre.org/groups/G0130) transitioned from website defacement operations to malware-based cyber espionage campaigns targeting the US defense industrial base and Iranian users of anti-censorship technologies.(Citation: FireEye Operation Saffron Rose 2013)

References

  1. https://attack.mitre.org/groups/G0130
  2. https://documents.trendmicro.com/assets/wp/wp-operation-woolen-goldfish.pdf
  3. https://blog.checkpoint.com/wp-content/uploads/2015/11/rocket-kitten-report.pdf
  4. https://www.crowdstrike.com/blog/cat-scratch-fever-crowdstrike-tracks-newly-reported-iranian-actor-flying-kitten/
  5. https://iranthreats.github.io/resources/attribution-flying-rocket-kitten/
  6. https://www.mandiant.com/sites/default/files/2021-09/rpt-operation-saffron-rose.pdf

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Group
APT30
Group
APT33
Group
Axiom
Group
Lotus Blossom
Group
Leafminer
Actor
313 Team
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.