Novel backdoor used in Charming Kitten attacks

Novel backdoor used in Charming Kitten attacks Attacks involving the new BASICSTAR backdoor have been deployed by Iranian advanced persistent threat operation Charming Kitten, also known as Charming Cypress, Mint Sandstorm, APT35, TA453, and Yellow Garuda, against Middle East policy experts between September and October last year, according to The Hacker News. Charming Kitten leveraged hacked email accounts to impersonate the Rasanah International Institute for Iranian Studies in phishing intrusions that lured targets into joining a fake webinar and facilitated the download of the BASICSTAR malware, which enabled system data exfiltration and remote command execution, a Volexity report showed.

Source: SC Magazine

 


Date:

Categorie(s):