Iranian Hackers Use “Dream Job” Lures to Deploy SnailResin Malware in Aerospace Attacks

November 13, 2024 at 07:15AM

The Iranian threat actor TA455 has mimicked North Korean tactics in a Dream Job campaign, targeting the aerospace industry with fake job offers. The campaign distributes SnailResin malware, enabling remote access and credential theft. This approach includes using social engineering, impostor personas, and multi-stage infection methods to evade detection. Meeting …

Iranian Hackers Target Middle East Policy Experts with New BASICSTAR Backdoor

February 18, 2024 at 11:57PM

Charming Kitten, an Iranian-origin threat actor also known as APT35, has been linked to new attacks aimed at Middle East policy experts using a new backdoor called BASICSTAR through a fake webinar portal. The group, affiliated with Iran’s Revolutionary Guard Corps, uses a range of social engineering tactics, including phishing …

Microsoft: Iran’s Mint Sandstorm APT Blasts Educators, Researchers

January 19, 2024 at 12:44PM

The Iran-linked Mint Sandstorm group targets professionals in Middle Eastern affairs with sophisticated social engineering tactics, delivering malware and compromising systems. The group, tied to the Iranian military, uses lures related to the Israel-Hamas war for cyber-espionage and is known for its persistent efforts. It impersonates journalists and researchers, employs custom backdoors, …

Microsoft: Iranian hackers target researchers with new MediaPl malware

January 17, 2024 at 03:39PM

Microsoft warns that an Iranian hacker group, linked to the IRGC, is targeting high-profile individuals in research organizations and universities in Europe and the US using spearphishing attacks. The attackers use custom-tailored phishing emails and new backdoor malware called MediaPl to steal sensitive data and gather intelligence aligning with Iranian …