Seedworm Targets Critical Sectors Using Latest Backdoors

Seedworm compromises systems in critical sectors including airports and governments. The threat actor was observed to use state-of-the-art backdoors named Dindoor and Fakeset that were signed with valid certificates.

Pulse ID: 69ac66128f7d265e2d1d986f
Pulse Link: https://otx.alienvault.com/pulse/69ac66128f7d265e2d1d986f
Pulse Author: cryptocti
Created: 2026-03-07 17:53:22

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #CyberSecurity #ESET #Government #InfoSec #OTX #OpenThreatExchange #SeedWorm #Worm #bot #cryptocti

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

Iranian APT on Networks of U.S. Bank, Airport, Software Company

Iranian APT group Seedworm has been active on networks of multiple U.S. companies since February 2026, targeting a bank, airport, software company, and NGOs. The group deployed new backdoors named Dindoor and Fakeset, signed with certificates previously linked to Seedworm. The activity occurs amid escalating tensions between the U.S., Israel, and Iran. Seedworm, known for espionage and information gathering, has broadened its scope to target various sectors globally. The article discusses recent Iranian cyber activities, potential future threats, and provides recommendations for defenders to prepare against DDoS, credential attacks, leaks, critical infrastructure attacks, and destructive operations.

Pulse ID: 69a9e3eea1d0b6fa8bf0f06d
Pulse Link: https://otx.alienvault.com/pulse/69a9e3eea1d0b6fa8bf0f06d
Pulse Author: AlienVault
Created: 2026-03-05 20:13:34

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #Bank #CyberSecurity #DDoS #DoS #ESET #Espionage #InfoSec #Iran #Israel #OTX #OpenThreatExchange #RAT #SeedWorm #Worm #bot #AlienVault

Microsoft Zerologon Flaw Under Attack By Iranian Nation-State Actors

Microsoft warns that the MERCURY APT has been actively exploiting CVE-2020-1472 in campaigns for the past two weeks.

https://threatpost.com/microsoft-zerologon-attack-iranian-actors/159874/

#netlogonremoteprotocol #nationstateactor #vulnerabilities #activeexploit #cve-2020-1472 #zerologonflaw #statickitten #websecurity #iranianapt #muddywater #microsoft #seedworm #exploit #mercury #windows #hacks