Targeting of satellite, defense, and pharmaceutical organizations
Date of report
  • September 2023
APT 33 was observed using password-spraying attacks against a wide range of organizations. Microsoft said it detected successful intrusions in a small number of cases and that when APT 33 did gain access to networks, it exfiltrated information from victim servers.
Suspected victims
  • Satellite, defense, and pharmaceutical organizations
Suspected state sponsor
  • Iran (Islamic Republic of)
Type of incident
  • Espionage
Target category
  • Private sector
Victim government reaction
  • Unknown
Policy response
Suspected state sponsor response