APT34
APT34 is a known alias of the APT group OilRig.
APT34 is an advanced persistent threat (APT) group that has been active since at least 2015 and continues to target organizations in various industries, including government agencies, military contractors, media outlets, and energy companies. The group's primary objective appears to be the collection of sensitive information for espionage purposes. APT34 is known for its sophisticated tactics, such as spear-phishing emails with malicious attachments or links that lead to compromised websites. They also use various tools and techniques to evade detection by security systems, including the use of encrypted communication channels and multiple layers of obfuscation. The group has been linked to several high-profile attacks in recent years, highlighting its ongoing threat to organizations worldwide.
Techniques, tactics and practices:
APT34 is a highly sophisticated group that employs various techniques to evade detection by security systems. Its common tactics include spear-phishing emails with malicious attachments or links, compromised websites used as a vector for delivering payloads, and the use of encrypted communication channels such as Tor (The Onion Router) to hide its activities from investigators. The group also employs multiple layers of obfuscation to avoid detection, including the use of proxy servers or virtual private networks (VPNs). Additionally, APT34 is known for its persistence and its ability to maintain a presence within compromised systems over extended periods of time, allowing it to gather sensitive information without being detected.