Threat Actor Profile

OilRig

State-sponsored threat group originating from IR. Suspected sponsor: Iran (Islamic Republic of). Known to target Government, Private sector, Civil society. Uses 74 known MITRE ATT&CK techniques.

74 TTPs Mapped 3 Industries Tracked Real-Time Alerts

OriginIR

74MITRE TTPs

3Sectors Hit

Actor Overview

Origin Country

Suspected Sponsor

Iran (Islamic Republic of)

Incident Types

Espionage

Known Techniques

74 TTPs

Target Industries

GovernmentPrivate sectorCivil society

Suspected Victims

IsraelKuwaitUnited StatesTurkeySaudi ArabiaQatarLebanonMiddle East

MITRE ATT&CK Techniques

T1048T1087T1087.001T1087.002T1071T1071.001T1071.004T1119T1110T1059T1059.001T1059.003T1059.005T1555T1555.003 +59 more

Related Threat Reports

Premium

APT Campaign Analysis - Q4 2025Dec 2025

New Tactics Observed in WildDec 2025

Infrastructure Mapping ReportDec 2025

Stay Updated

Get alerts when new intel on OilRig is published.

Actor Details

Primary Name

OilRig

Known Aliases

Twisted Kitten, Cobalt Gypsy, Crambus, Helix Kitten, APT 34, APT34, IRN2, ATK40, G0049, Evasive Serpens, Hazel Sandstorm, EUROPIUM, TA452, Earth Simnavaz

Data Source

Precursor Intelligence

Need API Access?

Integrate threat actor data into your SIEM or SOAR.

View Plans →