☣️ Nemesis Kitten (DEV-0270)
DEV-0270 leverages exploits for high-severity vulnerabilities to gain access to devices and is known for the early adoption of newly disclosed vulnerabilities.
DEV-0270 extensively uses LOLBins throughout the attack chain for discovery and credential access. This extends to its abuse of the built-in BitLocker tool to encrypt files on compromised devices.
DEV-0270 is operated by a company that functions under two public aliases: Secnerd (secnerd.ir) and Lifeweb (lifeweb.ir). These organizations are also linked to Najee Technology Hooshmand (ناجی تکنولوژی هوشمند), located in Karaj, Iran.