Insikt Group® researchers used proprietary methods, including Recorded Future Network Traffic Analysis and Recorded Future Domain Analysis, along with common analytical techniques, to profile Iranian cyberespionage threat actor APT33 (Elfin) and determine whether the public exposure of their TTPs in March 2019 impacted their operations.
Data sources include the Recorded Future® Platform, Farsight Security’s DNSDB, ReversingLabs, VirusTotal, Shodan, and common OSINT techniques.
This report will be of greatest interest to those interested in Middle Eastern geopolitics, as well as network defenders of organizations with a presence in the Middle East or in industries targeted by APT33, such as aerospace and defense, energy, finance, telecommunications, and manufacturing.
Click here to download the complete analysis as a PDF. This research is based on data collected between February 10, 2019 and June 6, 2019.