September 12, 2024 at 06:43AM
Iranian hackers, suspected to be backed by the government, have targeted Iraqi government networks, according to cybersecurity firm Check Point. The attacks involve custom malware and infrastructure associated with Iran’s Ministry of Intelligence and Security. The malware enables operators to execute commands and infiltrate the target’s network through social engineering techniques. Iran and Iraq, despite being close allies, have a history of cyberespionage.
Based on the meeting notes, it is evident that Iranian hackers, possibly operating on behalf of the government, have been targeting Iraqi government networks. This conclusion is drawn from the analysis of malware and infrastructure by cybersecurity firm Check Point. Despite the improved relations between Iran and Iraq, there have been cyberespionage operations conducted by Iran against various Iraqi entities, including the government. Check Point has closely monitored the campaign for the past few months and identified specific malware, such as Veaty and Spearal, which bear similarities to malware used by Iranian state-sponsored threat actors. The attackers have successfully infiltrated the target’s network, and it is believed that the malware is being distributed through social engineering techniques. Furthermore, the malware was uploaded to VirusTotal from Iraq, indicating awareness of the attacks. These findings suggest a significant concern regarding cybersecurity and the potential impact on Iraqi organizations.