Group: Molerats, Gaza cybergang, Operation Molerats

From ATT&CK
Group
ID: G0021
Aliases: Molerats, Gaza cybergang, Operation Molerats

Molerats is a politically motivated threat group that has been operating since 2012. The group's victims have primarily been in the Middle East, Europe, and the United States.[1][2]

Techniques Used

  • Process Discovery - Molerats actors obtained a list of active processes on the victim and sent it to C2 servers.[1]
  • Credential Dumping - Molerats used the public tool BrowserPasswordDump10 to dump passwords saved in browsers on victims.[1]
  • Code Signing - Molerats has used forged Microsoft code-signing certificates on malware.[3]

Software