Security News > 2020 > February > Iranian APT Targets Govs With New Malware

Researchers have attributed the campaign to a known Iranian advanced persistence threat group.

As part of the campaign, researchers observed multiple emails using malicious attachments to gain initial access.

"The threat actors used a list of valid user accounts from the target domain in conjunction with a weak password list to determine potentially accessible accounts," said researchers.

Researchers say that in spite of Iran's threatened retaliation for recent geopolitical events, this campaign indicates that Iranian APTs continue to focus on "Long-running cyberespionage activity." Conflict between the U.S. and Iran peaked after U.S. drones on Jan. 3 killed Qassem Soleimani, an Iranian general with the Islamic Revolutionary Guard Corps who was highly-esteemed in Iran.

"From a threat management and risk assessment perspective, CTU researchers advise organizations not to conflate ongoing espionage operations with a retaliatory response," said researchers.

News URL

https://threatpost.com/iranian-apt-targets-govs-with-new-malware/153162/