Quedagh is an advanced persistent threat (APT) group that has been active since at least 2014, targeting organizations in sectors such as finance and government. Its initial access relies on spear-phishing emails carrying malicious attachments or links, exploitation of vulnerabilities in software exposed by the target, and the use of stolen credentials to bypass authentication controls. Once inside a network, it collects sensitive data such as login credentials for other systems, financial records and intellectual property. Attribution remains unresolved: the group has been linked to state-backed operators, but its exact origins are unclear.
Techniques, tactics and practices:
Initial access:
- Spear-phishing emails with malicious attachments or links, supported by social engineering that persuades the recipient to open the attachment or follow the link.
- Exploitation of vulnerabilities in software reachable from the target's perimeter.
- Use of stolen credentials to log in as a legitimate user, bypassing controls that only block unauthenticated traffic.
Post-compromise:
- Distribution of malware inside the compromised network.
- Collection of sensitive data: login credentials for other systems, financial data and intellectual property.
Because two of the three access paths end in a valid login rather than an exploit, defenders should not stop at perimeter monitoring: credential use from unexpected hosts and lateral movement shortly after a phishing lure is opened are the signals that distinguish this activity from normal traffic.
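The spear-phishing lures described above can be triaged mechanically: flag attachments with extensions that carry executable content, and flag links whose visible text names one host while the real target is another. The following is an added example written for this page, not code from the original page or from any reporting on Quedagh; the two sample messages are constructed, the attacker and victim hostnames are placeholders, and the extension list is an illustrative assumption rather than one derived from known samples.

```python
"""Triage checks for spear-phishing lures: risky attachments and
lookalike links. Added example; sample messages are constructed."""
import re
from email import message_from_string
from urllib.parse import urlparse

# Assumption: illustrative list of first-stage payload extensions,
# not derived from any reported Quedagh sample.
RISKY_EXT = {".exe", ".scr", ".js", ".vbs", ".hta", ".docm", ".xlsm", ".lnk", ".iso"}

# Anchor with href plus its visible text (re.S so the text may span lines).
HREF_RE = re.compile(r'<a[^>]+href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
# Something that looks like a hostname in the anchor's visible text.
HOSTLIKE_RE = re.compile(r'(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})', re.I)


def host(url):
    """Normalised hostname of a URL or bare host string."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()


def attachment_findings(msg):
    """Flag any MIME part whose filename ends in a risky extension."""
    out = []
    for part in msg.walk():
        name = part.get_filename()
        if name and any(name.lower().endswith(ext) for ext in RISKY_EXT):
            out.append(("risky_attachment", name))
    return out


def link_findings(html):
    """Flag anchors whose displayed host differs from the href host."""
    out = []
    for href, text in HREF_RE.findall(html):
        target = host(href)
        shown = HOSTLIKE_RE.search(re.sub(r"<[^>]+>", "", text))
        if shown and host(shown.group(1)) != target:
            out.append(("mismatched_link", f"{shown.group(1)} -> {target}"))
    return out


def triage(raw_message):
    """Parse a raw RFC 822 message and return a list of (rule, detail)."""
    msg = message_from_string(raw_message)
    findings = attachment_findings(msg)
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            payload = part.get_payload(decode=True)
            if payload:
                findings.extend(link_findings(payload.decode("utf-8", "replace")))
    return findings


# Constructed lure: a macro-enabled document plus a link whose visible
# text shows the victim's portal while the href points at attacker.test.
SAMPLE_LURE = """\
From: "Finance Desk" <finance@example-vendor.test>
To: cfo@victim.test
Subject: Overdue invoice
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<p>Please review at <a href="http://login.attacker.test/x">https://portal.victim.test</a></p>
--b1
Content-Type: application/octet-stream; name="invoice.docm"
Content-Disposition: attachment; filename="invoice.docm"
Content-Transfer-Encoding: base64

UEsDBA==
--b1--
"""

# Constructed benign message: visible text and href agree, no attachment.
SAMPLE_BENIGN = """\
From: it@victim.test
To: cfo@victim.test
Subject: Portal maintenance
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>See <a href="https://portal.victim.test/status">https://portal.victim.test</a> for details.</p>
"""

if __name__ == "__main__":
    for label, raw in (("lure", SAMPLE_LURE), ("benign", SAMPLE_BENIGN)):
        print(label, triage(raw))
```

The two checks deliberately avoid any reputation lookup so they run offline; in practice they would be one stage of a mail pipeline feeding a sandbox or a blocklist, and the link rule should be paired with logging of which recipients clicked, since a valid login shortly after a click is the signal that separates a successful lure from a blocked one.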