UNC1860
Intelligence Profile
UNC1860 is a persistent and opportunistic Iranian state-sponsored threat actor that is likely affiliated with Iran’s Ministry of Intelligence and Security (MOIS). A key feature of UNC1860 is its collection of specialized tooling and passive backdoors that Mandiant believes supports several objectives, including its role as a probable initial access provider and its ability to gain persistent access to high-priority networks, such as those in the government and telecommunications space throughout the Middle East.
Threat Analysis
UNC1860 is a known-sophistication threat actor attributed to Iran, engaged in cyber operations with a primary motivation of unknown activity patterns.
Known Campaigns
UNC1860 is a unknown-motivation threat actor attributed to Iran. UNC1860 is a persistent and opportunistic Iranian state-sponsored threat actor that is likely affiliated with Iran’s Ministry of Intelligence and Security (MOIS). A key feature of UNC1860 is its collection of specialized tooling and passive backdoors that Mandiant believes suppor...