Iranian APT33 targets US firms with destructive malware.

Haythem Elmir

The Iranian group known as APT33 is believed to be behind a cyberespionage campaign targeting aerospace, petrochemical and energy sector firms located in the United States, Saudi Arabia and South Korea.

The group’s latest attack leverages a dropper called DropShot that is tied to the StoneDrill wiper malware—a variant of the infamous Shamoon 2, according to a report released Wednesday by FireEye.

The malware is being distributed via spear-phishing campaigns that include advertisements for jobs at Saudi Arabian aviation companies and Western organizations, researchers said. The emails carry recruitment-themed lures that contain links to malicious HTML application (.hta) files.

To read the original article: https://threatpost.com/iranian-apt33-targets-us-firms-with-destructive-malware/128074/

 

 
