Iranian APT33 targets US firms with destructive malware.

Read Time38 Second

The Iranian group known as APT33 is believed to be behind a cyberespionage campaign targeting aerospace, petrochemical and energy sector firms located in the United States, Saudi Arabia and South Korea.

The group’s latest attack leverages a dropper called DropShot that is tied to the StoneDrill wiper malware—a variant of the infamous Shamoon 2, according to a report released Wednesday by FireEye.

The malware is being distributed via spear phishing campaigns that includes advertisements for jobs at Saudi Arabian aviation companies and Western organizations, researchers said. Emails include recruitment themed lures that contain links to malicious HTML application (.hta) files, researchers said.

To read the original article: https://threatpost.com/iranian-apt33-targets-us-firms-with-destructive-malware/128074/

About Post Author

Haythem Elmir

haythem.elmir@keystone.tn

http://ww.cyber.tn

Happy

0 %

Sad

0 %

Excited

0 %

Sleepy

0 %

Angry

0 %

Surprise

100 %

Researchers link CCLEANER hack to cyberespionage group

ven Sep 22 , 2017

The recent attack that resulted in 2.2 million users installing infected versions of a popular Windows system optimization tool might have been the work of a sophisticated cyberespionage group with a history of software supply chain compromises. Researchers from two security companies have established links between the malicious code surreptitiously added […]

Iranian APT33 targets US firms with destructive malware.

About Post Author

Haythem Elmir

Average Rating

Laisser un commentaire Annuler la réponse

Researchers link CCLEANER hack to cyberespionage group

Average Rating

Laisser un commentaire Annuler la réponse

You May Like