Ajax Security Team

OriginIrã

Techniques (MITRE ATT&CK)6

SourceMITRE ATT&CK

Also known as:Operation Woolen-GoldfishAjaxTMRocket KittenFlying KittenOperation Saffron Rose

Vexday analysis

Ativo desde pelo menos 2010 e de origem iraniana, o Ajax Security Team — também referenciado como Rocket Kitten, Flying Kitten, Operation Woolen-Goldfish, Operation Saffron Rose e AjaxTM (G0130) — migrou de operações de desfiguração de sites para campanhas de espionagem cibernética baseadas em malware direcionadas à base industrial de defesa dos Estados Unidos e a usuários iranianos de tecnologias de burla à censura. O grupo possui 6 técnicas documentadas no MITRE ATT&CK.

Techniques (MITRE ATT&CK) 6

How the group operates, mapped to the MITRE ATT&CK matrix and organized by the phases of an attack.

Initial access

Spearphishing Attachment Spearphishing via Service

Execution

Malicious File

Credential access

Credentials from Web Browsers

Collection

Keylogging

Command and control

Ingress Tool Transfer

Exploited vulnerabilities

No CVEs attributed to this group in public sources (MITRE ATT&CK). Absence of attribution does not mean absence of activity.

Ajax Security Team uses real techniques and exploits real flaws. TrueHacking's AI Autonomous Pentest simulates these attacks against your infrastructure and brings more security to your application.

Explore the AI Autonomous Pentest →