Iranian Hackers Using Multi-Stage Malware To Attack Govt And Defense Sectors Via LinkedIn

Microsoft has identified a new Iranian state-sponsored threat actor, Peach Sandstorm, deploying a custom multi-stage backdoor named Tickler. This backdoor has been used to target various sectors, including satellite, communications equipment, oil and gas, and government, in the United States and the United Arab Emirates. Peach Sandstorm has also engaged in password spray attacks and intelligence gathering activities on LinkedIn. Microsoft assesses that this threat actor operates on behalf of the Iranian Islamic Revolutionary Guard Corps in support of Iranian state interests. Microsoft is sharing this information to raise awareness and help organizations strengthen their defenses against such threats.

Source: GBHackers

 

