Iranian hackers launch malware attacks on Israel's tech sector (Security News, November 2023)
The recent attacks were discovered by researchers at cybersecurity company CrowdStrike, who attributed them to the Iranian group Imperial Kitten based on infrastructure overlaps with past campaigns, the observed tactics, techniques, and procedures, the use of the IMAPLoader malware, and the phishing lures.
In a report published earlier this week, researchers say that Imperial Kitten launched phishing attacks in October using a 'job recruitment' theme in emails carrying a malicious Microsoft Excel attachment.
Communication with the command-and-control (C2) server is handled by two custom malware families, IMAPLoader and StandardKeyboard, both of which rely on email to exchange information with the operators.
The researchers say that StandardKeyboard persists on the compromised machine as a Windows service named "Keyboard Service" and executes base64-encoded commands received from the C2 server.

CrowdStrike confirmed to BleepingComputer that the October 2023 attacks targeted Israeli organizations following the Israel-Hamas conflict.
In previous activity, Imperial Kitten carried out watering-hole attacks, compromising several Israeli websites with JavaScript code that collected information about visitors, such as browser data and IP addresses, in order to profile potential targets.