Dark Web Profile: Tortoiseshell APT - SOCRadar® Cyber Intelligence Inc.

Tortoiseshell, an Iranian cyber-espionage group, primarily targets defense, aerospace, and military-linked organizations in the U.S., Israel, and the Middle East. Their operations involve long-term social engineering campaigns, spear-phishing, and the use of custom malware. To defend against Tortoiseshell and similar threats, organizations should strengthen phishing defenses, enforce strong access controls, and monitor network activity.