Nemesis Kitten

Iran

Details

NEMESIS KITTEN is an Iran-nexus adversary active since at least 2020. Previously tracked as the DireFate activity cluster, the adversary’s activity is typically characterized by the exploitation of external remote services and the subsequent deployment of network proxy software such as Fatedier Reverse Proxy (FRP) and Plink. In limited instances, NEMESIS KITTEN was observed using Bitlocker to encr...

Community Identifiers

eLO5a7yudVE9hkX

Objective

  • S5sPGuAb37aK

Motivation

  • wySOC7lR2oVabDG

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Unlock the adversary universe

Thank you for your request!

A member of our team will be in touch shortly.

CrowdStrike logo