Crafty Camel APT: Iran’s Expanding Espionage Footprint in the Modern Cyber Battlespace

Crafty Camel is an Iran-aligned APT focused on long-term cyber-espionage across the Middle East and beyond, increasingly leveraging cloud identity compromise (OAuth abuse, misconfigured identity providers), spearphishing, and supply-chain vectors to target governments, energy, telecom, defense contractors, and research institutions; the report outlines historical operations (2018–2025), evolving TTPs, and recommendations such as enforcing MFA, monitoring OAuth activity, rapid patching, and hardening supply-chain relationships.