National Cyber Warfare Foundation (NCWF)

CURIUM


2024-06-18 15:21:23
blscott


MITRE: G1012

CURIUM is an Iranian threat group first reported in November 2021 that has invested in building a relationship with potential targets via social media over a period of months to establish trust and confidence before sending malware. Security researchers note CURIUM has demonstrated great patience and persistence by chatting with potential targets daily and sending benign files to help lower their security consciousness.

Alternate names: Crimson Sandstorm, TA456, Tortoise Shell


CURIUM is an advanced persistent threat (APT) that has been active since at least 2014 and targets government agencies, defense contractors, and other organizations involved in military or national security operations. It uses a variety of techniques to evade detection by antivirus software and other defenses, including the use of custom malware families and exploitation of vulnerabilities in popular software such as Microsoft Office. CURIUM is believed to be operated by Russian intelligence agencies and has been linked to several high-profile cyber attacks on organizations around the world.

Techniques, tactics and practices:

CURIUM uses a variety of techniques to evade detection by antivirus software and other defenses. These include using custom malware families that are not widely recognized, exploiting vulnerabilities in popular software such as Microsoft Office, conducting extensive reconnaissance on target organizations before launching attacks, and using stealthy methods to exfiltrate data from compromised systems. CURIUM is also known to use social engineering, such as phishing emails and other forms of deception, to gain access to sensitive information or networks.



Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.