Targeting of satellite, defense, and pharmaceutical organizations

Date of report

September 2023

Affiliations

APT 33

APT 33 was observed using password-spraying attacks against a wide range of organizations. Microsoft said it detected successful intrusions in a small number of cases and that when APT 33 did gain access to networks, it exfiltrated information from victim servers.

Suspected victims

Satellite, defense, and pharmaceutical organizations

Suspected state sponsor

Iran (Islamic Republic of)

Type of incident

Espionage

Target category

Private sector

Victim government reaction

Unknown

Policy response

Unknown

Suspected state sponsor response

Unknown

Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events