| Helix Kitten (Persian: بچه گربه هلیکس) | |
|---|---|
| Formation | c. 2004–2007[1] |
| Type | Advanced persistent threat |
| Purpose | Cyberespionage, cyberwarfare |
| Methods | Zero-days, spearphishing, malware |
| Official language | Persian |
| Affiliations | APT33 |
| Formerly called | APT34 |

Helix Kitten (also known as APT34 by FireEye, OILRIG, Crambus, Cobalt Gypsy, Hazel Sandstorm,[1] or EUROPIUM)[2] is a hacker group identified by CrowdStrike as Iranian.[3][4]
The group has reportedly been active since at least 2014.[3] It has targeted many of the same organizations as Advanced Persistent Threat 33, according to John Hultquist.[3]
In April 2019, the source code of APT34's cyber-espionage tools was leaked through Telegram.[5][6]
The group has reportedly targeted organizations in the financial, energy, telecommunications, and chemical industries, as well as critical infrastructure systems.[3]
APT34 reportedly uses Microsoft Excel macros, PowerShell-based exploits and social engineering to gain access to its targets.[3]