APT34
Iran-attributed threat group believed to operate on behalf of Iranian government interests. Focuses on long-term espionage operations against financial, energy, and government organisations primarily in the Middle East.
Attribution signal
?Score = mentions × confidence weight, summed across all attributed sources. Higher source diversity increases the score.≥ 10 High≥ 3 Moderate< 3 Low0.6
Low signal strength
Mentions1
Sources1
High conf.0
Last seenMay 2026
First observed
2014
Last active
Active
Origin
Iran — attributed by multiple Western vendors to Iranian government
Aliases
7
Techniques
76
Campaigns
0
Iran — attributed by multiple Western vendors to Iranian governmenthigh confidence
TargetsFinancialEnergyGovernmentChemical
RegionsMiddle EastUsEu
Attribution signals
1 mention · 1 source#1is commonly believed to bemoderate
Geopolitical
eset
May 2026
"OilRig has been active since at least 2014 and is commonly believed to be based in Iran"
Hedge terms observed
is commonly believed to be