Security News > 2023 > December > Iranian cyberspies target US defense orgs with a brand new backdoor

Iranian cyberspies target US defense orgs with a brand new backdoor
2023-12-23 12:47

Iranian cyberspies are targeting defense industrial base organizations with a new backdoor called FalseFont, according to Microsoft.

"We identified APT33 malware tied to an Iranian persona who may have been employed by the Iranian government to conduct cyber threat activity against its adversaries," the threat hunters said in an alert updated in October.

"According to the information we have, the claims against Kislitsin are not related to his work at FACCT, but are related to a case more than ten years ago when Nikita worked as a journalist and independent researcher," the statement said, presumably referring to his work as former editor of Hacker magazine.

The US extradition request seems to be related to earlier charges against Kislitsin, who is accused of breaking into the social networking service Formspring in 2012.

"According to the investigation, in October 2022, Kislitsin, together with his accomplices, unlawfully gained access to the server data of one of the commercial organizations," the general prosecutor's statement said.

After allegedly stealing the org's data, Kislitsin then tried to extort the firm for $550,000 rubles in cryptocurrency.


News URL

https://go.theregister.com/feed/www.theregister.com/2023/12/23/iranian_cyberspies_target_us_defense/