BlackOasis

BlackOasis is a Middle Eastern-based threat group that appears to be a customer of Gamma Group. This threat group has targeted prominent figures in the United Nations, opposition bloggers, activists, regional news correspondents, and think tanks. A group identified by Microsoft as NEODYMIUM is reportedly associated closely with BlackOasis operations, but evidence that the group names are aliases has not been confirmed.

The following is a collection of rules based on the presence of indicators of compromise publicly reported as associated with this malicious actor.