Iranian Hackers Lurked for 8 Months in Government Network

October 20, 2023 at 09:24AM
Symantec’s cybersecurity unit, Broadcom, has reported that the Iran-linked hacking group Crambus spent eight months inside the compromised network of a Middle Eastern government. Crambus, also known as APT34 and MuddyWater, conducted espionage operations on behalf of the Iranian government. The attackers deployed various malware, including a PowerShell backdoor called PowerExchange, and …

Iranian hackers lurked in Middle Eastern govt network for 8 months

October 19, 2023 at 12:45PM
Iranian hacking group MuddyWater, also known as APT34 or OilRig, breached a Middle Eastern government network and maintained access for eight months. They used a PowerShell backdoor called PowerExchange to steal passwords and data and to blend in with typical network traffic. They also utilized other tools such as Backdoor.Tokel, Trojan.Dirps, …

Iran-Linked OilRig Targets Middle East Governments in 8-Month Cyber Campaign

October 19, 2023 at 06:39AM
Between February and September 2023, the Iran-linked threat actor, OilRig, conducted an eight-month cyber espionage campaign against an unnamed Middle East government. The attack involved the theft of files and passwords, as well as the deployment of a PowerShell backdoor called PowerExchange. Additional malware used included Tokel, Dirps, and Clipog. …