Pioneer Kitten, also referred to as Fox Kitten, is known for using open-source tools instrumental in infiltrating corporate networks and compromising remote external services.
The Iranian APT group has been attacking corporate VPNs over the last few months and was recently caught selling corporate-network credentials on various hacker forums.
Also Read: Russia Wants Censorship of Russian Internet through VPN Provider Servers
Pioneer Kitten’s targets include different North American and Israeli organizations across different sectors that represent specific types of intelligence interest to the government of Iran.
Crowdstrike confirmed that this indicates that the APT group is perhaps looking out for an extra source of income besides the targeted intrusions supporting the Iranian government.
Source: Cyware