Iranian hackers launch malware attacks on Israel’s tech sector
The recent attacks were discovered by researchers at cybersecurity company CrowdStrike, who made the attribution based on infrastructure overlaps with past campaigns, observed tactics, techniques, and procedures, the use of the IMAPLoader malware, and phishing lures.
In a report published earlier this week, researchers say that Imperial Kitten launched phishing attacks in October using a 'job recruitment' theme in emails carrying a malicious Microsoft Excel attachment.
Communication with the command and control (C2) server is handled by the custom malware IMAPLoader and StandardKeyboard, both of which rely on email to exchange information.
The researchers say that StandardKeyboard persists on the compromised machine as the Windows service "Keyboard Service" and executes base64-encoded commands received from the C2. CrowdStrike confirmed for BleepingComputer that the October 2023 attacks targeted Israeli organizations following the Israel-Hamas conflict.