Nemesis Kitten

Iran

Details

NEMESIS KITTEN is an Iran-nexus adversary active since at least 2020. Previously tracked as the DireFate activity cluster, the adversary’s activity is typically characterized by the exploitation of external remote services and the subsequent deployment of network proxy software such as Fatedier Reverse Proxy (FRP) and Plink. In limited instances, NEMESIS KITTEN was observed using Bitlocker to encr...

Community Identifiers

PAeV2zngSsWldaG

Objective

  • Qsgk8Dd5qAzt

Motivation

  • GjzXhH9l6WMx32m

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Resources

2023 Global Threat Report

Unlock the adversary universe