A pro-Palestinian cyber espionage group focused on compromising government targets in the Middle East has improved its attack tools with a sophisticated initial access downloader — all the while largely ignoring the conflict unfolding in Israel and the Palestinian territories. TA402 (aka Molerats and Frankenstein), which has been active for more than a decade, rolled out a new sophisticated tool named IronWind, which it used in three campaigns aimed at compromising systems within government agencies throughout the Middle East and Northern Africa, security firm Proofpoint stated in an analysis published on Nov.

Source: Dark Reading: Cloud