LYCEUM is a threat actor attributed to IR, also known as Storm-0133, MYSTICDOME, Spirlin. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does LYCEUM exploit?

Specific CVE exploitation data for LYCEUM is being tracked. Check the Strobes VI threat actor profile for updates.

LYCEUM

Also known as: Storm-0133, MYSTICDOME, Spirlin, UNC1530, COBALT LYCEUM, siamesekitten, HEXANE, Chrono Kitten

Exploited CVEs

Overview

Lyceum is an Iranian APT group that has been active since at least 2014. They primarily target Middle Eastern governments and organizations in the energy and telecommunications sectors. Lyceum is known for using cyber espionage techniques and has been linked to other Iranian threat groups such as APT34. They have developed and deployed malware families like Shark and Milan, and have been observed using DNS tunneling and HTTPfor command and control communication.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database

Quick Actions