Nemesis Kitten

Iran

Details

NEMESIS KITTEN is an Iran-nexus adversary active since at least 2020. Previously tracked as the DireFate activity cluster, the adversary’s activity is typically characterized by the exploitation of external remote services and the subsequent deployment of network proxy software such as Fatedier Reverse Proxy (FRP) and Plink. In limited instances, NEMESIS KITTEN was observed using Bitlocker to encr...

Community Identifiers

rBMTfN2OtUbCPY6

Objective

  • qvZhIrp1mtPX

Motivation

  • izLfXt7E6eRmK8U

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.