The horrors of cybercrime can make even the savviest tech person shudder. Much like an accident on the side of the road, however, we just can’t help rubbernecking. That’s why the Clear Sky report on the Iranian cyberespionage group known oxymoronically as Charming Kitten is such a great read.
A classic tale of Zero Profile Attribution: you get the sordid details of Charming Kitten’s work from a safe distance, vicariously experiencing the step-by-step incidents of company impersonation, made-up organizations and individuals, spear phishing and watering hole attacks against human rights activists, academic researchers and media outlets. Using SocialNet and MalNet from ShadowDragon, Clear Sky analyzed and visually depicted connections, as well as Charming Kitten’s exploitation, delivery and command-and-control infrastructure. Clear Sky also exposed DownPaper, malware developed by the attackers that had not been publicly documented to date.
Daniel Clemens is the founder and CEO of both ShadowDragon and Packet Ninjas, a niche cybersecurity consulting and services company.
With extensive experience in defensive and offensive security, Daniel has been a quiet trailblazer in digital intel-gathering since long before cyber intelligence became a discipline. More than a decade ago he was inventing and applying his own intelligence tools in support of companies and governments around the world facing urgent threats. Using this deep understanding of web technologies and the behaviors of cybercriminals, he has enhanced, updated and packaged these tools under ShadowDragon.