Nemesis Kitten

Iran

Details

NEMESIS KITTEN is an Iran-nexus adversary active since at least 2020. Previously tracked as the DireFate activity cluster, the adversary’s activity is typically characterized by the exploitation of external remote services and the subsequent deployment of network proxy software such as Fatedier Reverse Proxy (FRP) and Plink. In limited instances, NEMESIS KITTEN was observed using Bitlocker to encr...

Community Identifiers

v5ocYZ2HSg0OjN4

Objective

  • 8Unx94LKdfRo

Motivation

  • qXlxcOYASfgtpVv

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Unlock the adversary universe

Thank you for your request!

A member of our team will be in touch shortly.

CrowdStrike logo