MurenShark

Also known as: Actor210426, MurenShark

MurenShark is an advanced persistent threat group that operates primarily in the Middle East, with a focus on targeting Turkey. They have shown interest in military projects, as well as research institutes and universities. This group is highly skilled in counter-analysis and reverse traceability, using sophisticated tactics to avoid detection. They utilize compromised websites as file servers and command and control servers, and have been known to use attack tools like NiceRender for phishing purposes.

Introduction

MurenShark is an advanced persistent threat group that operates primarily in the Middle East, with a focus on targeting Turkey. They have shown interest in military projects, as well as research institutes and universities. This group is highly skilled in counter-analysis and reverse traceability, using sophisticated tactics to avoid detection. They utilize compromised websites as file servers and command and control servers, and have been known to use attack tools like NiceRender for phishing purposes.

Activities and Tactics

Information pending cataloguing.

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

  • SharK
  • Killer RAT

Attribution and Evidence

Information pending cataloguing.

References

References pending cataloguing.