Trusted Design

Looking Into a Cyber-Attack Facilitator in the Netherlands

概要

A small web hosting provider with servers in the Netherlands and Romania has been a hotbed of targeted attacks and advanced persistent threats (APT) since early 2015. Starting from May 2015 till today we counted over 100 serious cyber attacks that originated from servers of this small provider. Pawn Storm used the servers for at least 80 high profile attacks against various governments in the US, Europe, Asia, and the Middle East. Formally the Virtual Private Server (VPS) hosting company is registered in Dubai, United Arab Emirates (UAE). But from public postings on the Internet, it is apparent that the owner doesn’t really care about laws in UAE. In fact, Pawn Storm and another threat actor attacked the UAE government using servers of the VPS provider through highly targeted credential phishing. Other threat actors like DustySky (also known as the Gaza hackers) are also regularly using the VPS provider to host their command-and-control (C&C) servers and to send spear phishing e-mails.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

• A New Threat Actor Targets UAE Dissidents (score: 0.62)
• Carbanak Group Targets Financial Orgs in the Middle East (score: 0.58)
• MALWARE POSING AS HUMAN RIGHTS ORGANIZATIONS AND COMMERCIAL SOFTWARE TARGETING IRANIANS AND FOREIGN POLICY INSTITUTIONS (score: 0.57)
• Operation Kingphish: Uncovering a Campaign of Cyber Attacks against Civil Society in Qatar and Nepal (score: 0.56)
• Gaza cybergang (score: 0.55)

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る