概要

【辞書】

◆APT34 (FireEye)
https://www.fireeye.jp/current-threats/apt-groups.html#apt34

記事

【ニュース】

◆OilRig Actors Provide a Glimpse into Development and Testing Efforts (paloalto, 2017/04/27 13:00)
https://researchcenter.paloaltonetworks.com/2017/04/unit42-oilrig-actors-provide-glimpse-development-testing-efforts/
⇒ https://malware-log.hatenablog.com/entry/2017/04/27/000000_9

◆IRANIAN HACKERS HAVE BEEN INFILTRATING CRITICAL INFRASTRUCTURE COMPANIES (WIRED, 2017/12/07)
https://www.wired.com/story/apt-34-iranian-hackers-critical-infrastructure-companies/
⇒ https://malware-log.hatenablog.com/entry/2017/12/07/000000_13

◆Chafer: Latest Attacks Reveal Heightened Ambitions (Symantec, 2018/02/28)
https://www.symantec.com/blogs/threat-intelligence/chafer-latest-attacks-reveal-heightened-ambitions
⇒ https://malware-log.hatenablog.com/entry/2018/02/28/000000_2

◆活発な動きを見せるイランの「Chafer」 - サプライチェーン上流を標的に (Security NEXT, 2018/03/19)
http://www.security-next.com/091117
⇒ https://malware-log.hatenablog.com/entry/2018/03/19/000000_1

◆DNSトンネリングの現状: OilRigのDNSトンネリング概要 (Paloalto, 2019/04/17 21:00)
https://www.paloaltonetworks.jp/company/in-the-news/2019/dns-tunneling-in-the-wild-overview-of-oilrigs-dns-tunneling
⇒ https://malware-log.hatenablog.com/entry/2019/04/17/000000_12

◆How companies – and the hackers themselves – could respond to the OilRig leak (CyberScoop, 2019/04/18)
https://www.cyberscoop.com/oilrig-leak-iran-telegram-helix-kitten/
⇒ https://malware-log.hatenablog.com/entry/2019/04/18/000000_11

◆イラン政府のハッカー集団、リンクトインでサイバー攻撃開始 (Forbes, 2019/07/24)
https://forbesjapan.com/articles/detail/28633
⇒ https://malware-log.hatenablog.com/entry/2019/07/24/000000

【ブログ】

◆The Curious Case of Mia Ash: Fake Persona Lures Middle Eastern Targets (SecureWorks, 2017/07/27)
https://www.secureworks.com/research/the-curious-case-of-mia-ash
⇒ https://malware-log.hatenablog.com/entry/2017/07/27/000000_8

◆OilRig Deploys “ALMA Communicator” – DNS Tunneling Trojan (paloalto, 2017/11/08 13:00)
https://researchcenter.paloaltonetworks.com/2017/11/unit42-oilrig-deploys-alma-communicator-dns-tunneling-trojan/
⇒ https://malware-log.hatenablog.com/entry/2017/11/08/000000_9

◆New Targeted Attack in the Middle East by APT34, a Suspected Iranian Threat Group, Using CVE-2017-11882 Exploit (FireEye, 2017/12/07)
https://www.fireeye.com/blog/threat-research/2017/12/targeted-attack-in-middle-east-by-apt34.html
⇒ https://malware-log.hatenablog.com/entry/2017/12/07/000000_11

◆OopsIE! OilRig Uses ThreeDollars to Deliver New Trojan (paloalto, 2018/02/23 05:00)
https://researchcenter.paloaltonetworks.com/2018/02/unit42-oopsie-oilrig-uses-threedollars-deliver-new-trojan/
⇒ https://malware-log.hatenablog.com/entry/2018/02/23/000000_6

◆Analyzing the APT34’s Jason project (SecurityAffairs, 2019/06/06)
https://securityaffairs.co/wordpress/86680/hacking/analyzing-apt34-jason-project.html
⇒ https://malware-log.hatenablog.com/entry/2019/06/06/000000_13

◆LinkedIn phishing attacks initiated by Iranian hacker group APT34 (TechGenix, 2019/07/22)
http://techgenix.com/apt34-linkedin-phishing/
⇒ https://malware-log.hatenablog.com/entry/2019/07/22/000000_8

【図表】

出典: https://researchcenter.paloaltonetworks.com/2017/04/unit42-oilrig-actors-provide-glimpse-development-testing-efforts/

関連情報

【関連まとめ記事】

◆全体まとめ
　◆攻撃組織 / Actor (まとめ)

◆標的型攻撃組織 / APT (まとめ)
https://malware-log.hatenablog.com/entry/APT