home.social
Sign in Create account

#apt34 — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #apt34, aggregated by home.social.

  1. OTX Bot @[email protected] ·

    Iranian-Nexus Operation Against Oman's Government: 12 Ministries Hit and 26,000 Citizen Records Exposed

    An exposed command and control server on RouterHosting infrastructure revealed an active Iranian-nexus intrusion campaign targeting twelve Omani government ministries. The operation primarily focused on the Ministry of Justice and Legal Affairs, deploying custom webshells that provided persistent access through April 2026. Over 26,000 user records containing judicial case data, committee decisions, and registry hives were exfiltrated. The attacker utilized ProxyShell exploits, DotNetNuke vulnerabilities, and custom Python scripts targeting Exchange servers, SQL databases, and Oracle systems. Infrastructure analysis revealed connections to spoofed Iranian diaspora media and censorship circumvention tools, with tactical overlaps indicating MOIS-linked groups such as APT34 and MuddyWater. The campaign specifically targeted judicial records, immigration systems, and citizen identity data across multiple government entities.

    Pulse ID: 69fa3e5f84a20294f972fa64
    Pulse Link: otx.alienvault.com/pulse/69fa3
    Pulse Author: AlienVault
    Created: 2026-05-05 19:00:47

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #APT34 #CyberSecurity #Government #InfoSec #Iran #MuddyWater #OTX #OpenThreatExchange #Proxy #Python #RAT #SQL #UK #bot #AlienVault

    #apt34 #cybersecurity #government #infosec #iran #muddywater
  2. Freemind @[email protected] ·

    The exact targets of these attacks are not yet known, but the use of decoys suggests that at least one of the organizations being targeted is located in Saudi Arabia.

    #Cybersecurity #Iran #HackerGroup #Malware #APT34 #Menorah #OilRig

    cybersec84.wordpress.com/2023/

    #cybersecurity #iran #hackergroup #malware #apt34 #menorah
  3. IT News @[email protected] ·

    Pick your poison: The potential Iranian responses to US drone strike - Enlarge / TEHRAN, IRAN - (ARCHIVE): A file photo dated September 18, 2016 shows Iranian Revolutiona... more: arstechnica.com/?p=1638517 #iranrevolutionaryguardcorps #hellfiremissile #qudsforce #biz&it #policy #oilrig #apt33 #apt34 #iraq #isis

    #isis #iraq #apt34 #apt33 #oilrig #policy