0attributed CVEs
7ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
—years active
About this actor
[Group5](https://attack.mitre.org/groups/G0043) is a threat group with a suspected Iranian nexus, though this attribution is not definite. The group has targeted individuals connected to the Syrian opposition via spearphishing and watering holes, normally using Syrian and Iranian themes. [Group5](https://attack.mitre.org/groups/G0043) has used two commonly available remote access tools (RATs), [njRAT](https://attack.mitre.org/software/S0385) and [NanoCore](https://attack.mitre.org/software/S0336), as well as an Android RAT, DroidJack. (Citation: Citizen Lab Group5)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | |||||
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
SI-3 | 3 / 7 | 43% |
AC-3 | 2 / 7 | 29% |
CM-2 | 2 / 7 | 29% |
CM-6 | 2 / 7 | 29% |
SI-4 | 2 / 7 | 29% |
SI-7 | 2 / 7 | 29% |
AC-16 | 1 / 7 | 14% |
AC-17 | 1 / 7 | 14% |
AC-18 | 1 / 7 | 14% |
AC-2 | 1 / 7 | 14% |
AC-5 | 1 / 7 | 14% |
AC-6 | 1 / 7 | 14% |
CA-7 | 1 / 7 | 14% |
CM-7 | 1 / 7 | 14% |
CP-6 | 1 / 7 | 14% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- Metador 0.22
- APT18 0.19
- The White Company 0.19
- Putter Panda 0.17
- 2015 Ukraine Electric Power Attack 0.14