Targeted Iranian Attacks Against Iraqi Government Infrastructure
#APT34 #Veaty #Spearal
https://research.checkpoint.com/2024/iranian-malware-attacks-iraqi-government/
Targeted Iranian Attacks Against Iraqi Government Infrastructure - Check Point Research

Veaty and Spearal, a new set of malware connected to Iranian sources, were found attacking Iraqi governmental infrastructures

Check Point Research

This malware empowers attackers to exercise complete control over information stored on compromised devices within the network.

#Cybersecurity #Menorah #Malware #APT34

https://cybersec84.wordpress.com/2023/12/29/menorah-malware-exposes-middle-easts-digital-vulnerabilities/

Menorah Malware Exposes Middle East’s Digital Vulnerabilities

Security analysts from SecurityScorecard have identified a new iteration of the Menorah computer virus, which is currently targeting organizations in the Middle East. Trend Micro initially discover…

CyberSec84 | Cybersecurity news.

🔍 Join us in exploring the depths of APT34's recent phishing campaign in our latest study, "Evolution of Espionage: Unmasking APT34's SideTwist Campaign." This comprehensive analysis sheds light on the advanced tactics and the use of the SideTwist backdoor targeting Middle Eastern entities.

🌐 Dive deep into our insights and share your thoughts on this evolving cyber threat landscape.

https://arbure.com/cs_11012023.html

#ArbureInc #CyberSecurity #APT34 #SideTwist #CommunityDiscussion

Case Study - Evolution of Espionage: Unmasking APT34s SideTwist Campaign

An analysis of a recent phishing campaign led by APT34, showcasing a more advanced backdoor variant, SideTwist, primarily targeting the Middle Eastern sectors including Lebanon since its unveiling in September 2023. The objective is to dissect the TTPs (Tactics, Techniques, and Procedures) employed by APT34, evaluate the risks posed, and offer actionable insights to the targeted sectors.

Arbure Inc.

The exact targets of these attacks are not yet known, but the use of decoys suggests that at least one of the organizations being targeted is located in Saudi Arabia.

#Cybersecurity #Iran #HackerGroup #Malware #APT34 #Menorah #OilRig

https://cybersec84.wordpress.com/2023/09/30/iranian-hackers-use-new-menorah-malware-for-covert-attacks/

Iranian Hackers Use New Menorah Malware for Covert Attacks

A highly sophisticated group of cyber actors, known as OilRig and backed by Iran, has been identified in a spear-phishing campaign that deploys a new strain of malware called Menorah. According to …

CyberSec84 | Cybersecurity news.

Their modus operandi involves spear-phishing techniques that ultimately result in the deployment of various backdoors.

#APT34 #cybersecurity #phishing

https://cybersec84.wordpress.com/2023/09/07/new-sidetwist-backdoor-and-agent-tesla-variant-delivered-via-phishing-campaigns/

New SideTwist Backdoor and Agent Tesla Variant Delivered via Phishing Campaigns

APT34, a notorious Iranian threat actor, has been linked to a new phishing attack that utilizes a backdoor variant called SideTwist. In a recent report by NSFOCUS Security Labs, it was revealed tha…

CyberSec84 | Cybersecurity news.

OilRig APT Drills into Malware Innovation with Unique Backdoor - The RDAT tool uses email as a C2 channel, with attachments that hide data and commands inside imag... more: https://threatpost.com/oilrig-apt-unique-backdoor/157646/ #steganography #helixkitten #c2channel #backdoor #paloalto #malware #oilrig #unit42 #apt34 #email #irán #rdat #apt
OilRig APT Drills into Malware Innovation with Unique Backdoor

The RDAT tool uses email as a C2 channel, with attachments that hide data and commands inside images.

Threatpost - English - Global - threatpost.com

Iran-Backed APTs Collaborate on 3-Year ‘Fox Kitten’ Global Spy Campaign - APT34/OilRig and APT33/Elfin have established a highly developed and persistent infrastructure tha... more: https://threatpost.com/iranian-apts-fox-kitten-global-spy-campaign/152974/ #criticalinfratructureespionage #criticalinfrastructure #vulnerabilities #wipermalware #websecurity #cyberattack #spycampaign #government #zerocleare #foxkitten #clearsky #malware #oilrig #hacks #apt33 #apt34 #elfin
Iran-Backed APTs Collaborate on 3-Year 'Fox Kitten' Global Spy Campaign

APT34/OilRig and APT33/Elfin have established a highly developed and persistent infrastructure that could be converted to distribute destructive wiper malware.

Threatpost - English - Global - threatpost.com

Fox Kitten – Widespread #iranian Espionage-Offensive Campaign
#APT34 #APT33

https://www.clearskysec.com/fox-kitten/

Iranian Hackers Target U.S. Gov. Vendor With Malware - APT34 has been spotted in a malware campaign targeting customers and employees of a company that w... more: https://threatpost.com/iran-hackers-us-gov-malware/152452/ #spearphishing #usgovernment #cyberattack #government #tonedeaf #malware #usiran #westat #hacks #apt34 #irán
Iranian Hackers Target U.S. Gov. Vendor With Malware

APT34 has been spotted in a malware campaign targeting customers and employees of a company that works closely with U.S. federal agencies, and state and local governments.

Threatpost - English - Global - threatpost.com

Iran Targets Mideast Oil with ZeroCleare Wiper Malware - Likely the work of APT34, ZeroCleare is bent on destruction and disruption, rather than informatio... more: https://threatpost.com/iran-mideast-oil-zerocleare-wiper-malware/150814/ #criticalinfrastructure #nationstateattack #malwareanalysis #destruction #ibmx-force #middleeast #zerocleare #oilsector #malware #shamoon #energy #oilrig #apt34 #wiper #apt
Iran Targets Mideast Oil with ZeroCleare Wiper Malware

Likely the work of APT34, ZeroCleare is bent on destruction and disruption, rather than information-stealing.

Threatpost - English - Global - threatpost.com