Iran’s MuddyWater phishes Israeli orgs with custom BugSleep backdoor

July 16, 2024 at 08:09PM MuddyWater, an Iranian government-linked cyber espionage group, has enhanced its malware with a custom backdoor, targeting Israeli organizations. Utilizing phishing lures, the group sends emails with malicious links, infecting victim devices with BugSleep malware. The evolving tactics and wider targeting pose challenges for detection and increase the group’s potential impact. …

New BugSleep malware implant deployed in MuddyWater attacks

July 15, 2024 at 02:32PM The MuddyWater hacking group has developed a new custom-tailored malware implant called BugSleep. It is distributed through phishing emails disguised as invitations to webinars or online courses. The malware is injected into various apps and is actively being developed, indicating a trial-and-error approach. MuddyWater has shifted to using BugSleep instead …

MuddyWater hackers deploy new BugSleep backdoor malware in attacks

July 15, 2024 at 02:24PM The Iranian-backed MuddyWater hacking group has developed a new custom malware called BugSleep. Analysts at Check Point Research discovered the malware being distributed via well-crafted phishing lures. This new backdoor, actively developed and partially distributed, signals a shift from the group’s previous tactics. MuddyWater’s cyber-espionage campaigns target various global industries. …

New BiBi Wiper version also destroys the disk partition table

May 20, 2024 at 12:10PM The BiBi Wiper malware’s new variants are targeting Israeli and Albanian systems, linked to an Iranian hacking group named ‘Void Manticore.’ Check Point Research uncovered newer variants and operational overlaps involving another Iranian threat group. The malware is designed to complicate data restoration efforts, significantly extending downtime for targeted victims …

Iran Dupes US Military Contractors, Gov’t Agencies in Years-Long Cyber Campaign

April 24, 2024 at 10:48AM An elite team of Iranian hackers infiltrated US companies and government agencies’ employee accounts in a multiyear cyber espionage campaign, aiming to steal military secrets. Entities including the US Departments of Treasury and State, defense contractors, and a hospitality company were compromised. Four Iranian nationals have been indicted, but their …

$10 Million Bounty on Iranian Hackers for Cyber Attacks on US Gov, Defense Contractors

April 23, 2024 at 04:00PM Four Iranian nationals were indicted in Manhattan federal court for conducting a cyber-espionage campaign targeting U.S. government departments, defense contractors, and private firms, using sophisticated hacking techniques to access and compromise critical systems. The group, still at large, is accused of targeting over a dozen private US companies, primarily cleared …

Israeli Universities Hit by Supply Chain Cyberattack Campaign

March 13, 2024 at 03:05AM Iranian hacktivists executed a supply chain attack on Israeli universities by breaching a local technology provider, Rashim Software, and accessing universities’ systems. Op Innovate confirmed the exposure of student data and identified weak access controls and email-based authentication as contributing to the breach. The incident highlights the risk of supply …

U.S. charges Iranian for hacks on defense orgs, offers $10M for info

March 1, 2024 at 09:47AM The U.S. Department of Justice indicted Alireza Shafie Nasab, an Iranian national, for cyber-espionage targeting U.S. government and defense entities. Operating from 2016 to April 2021, Nasab and co-conspirators employed phishing and hacking techniques to compromise over 200,000 devices, resulting in charges carrying 5 to 20 years in prison. The …

Iranian Hackers Target Aviation and Defense Sectors in Middle East

February 29, 2024 at 09:27AM Iranian hackers have been utilizing Microsoft Azure cloud infrastructure in attacks on aerospace, aviation, and defense organizations in the Middle East, particularly in Israel and the UAE. The hacking group, UNC1549, has deployed two backdoors named MiniBike and MiniBus. These activities are linked to Iran’s Islamic Revolutionary Guard Corps. Mandiant …

Iran Ramps Up Cyberattacks on Israel Amid Hamas Conflict: Microsoft

February 9, 2024 at 04:09PM Iran’s offensive operations against Israel in the Israel-Hamas conflict quickly escalated and expanded, with cyberattacks and influence operations increasing. Iranian threat actors coordinated with Hamas and expanded their targets to Albania, Bahrain, and the US. The collaboration between Iranian threat actors increased, leading to higher effectiveness. The increased collaboration poses …