

    Iran’s Chafer APT Group attacks governments of Kuwait and Saudi Arabia

    Today, cybersecurity investigators detailed Iranian cyber espionage activities aimed at critical infrastructure in Kuwait and Saudi Arabia.

    Bitdefender said the information-collection operation was conducted by Chafer APT, a group known for its attacks on the telecommunications and travel industries in the Middle East. The group seeks to collect personal information that serves the country’s geopolitical interests. In a message, investigators said: “Victims of the attack fit into the actor’s preferred model, such as air transport and the Middle East government.”


    Last year’s FireEye report added to the evidence that Chafer focuses on telecommunications and tourism. The company said: “Telecommunications companies are attractive targets because they store large amounts of client and personal information; provide access to critical infrastructure used for communications, and can access a wide range of potential goals in various industries.”


    APT39 compromises its targets through spear-phishing emails with malicious attachments and various backdoor tools, which it uses to escalate privileges, perform internal reconnaissance and establish persistence in the victim’s environment.


    The attack on organizations in Saudi Arabia, on the other hand, used social engineering to trick victims into running remote control tools, some of which are similar to those used in Kuwait and Turkey.


    Investigators said: “Although this attack is not as widespread as in Kuwait, some court evidence suggests that the same attacker may have planned it.”

    “Despite evidence of network discovery, we cannot find any traces of lateral traffic, most likely because the actors in danger cannot find vulnerable cars.”


    The attacks in Kuwait and Saudi Arabia are a reminder that Iranian cyber espionage shows no sign of slowing down. Given the critical nature of the industries involved, Chafer’s activity continues its tendency to target countries that act against its national ambitions.


    “While these two are the most recent attack examples happening in the Middle East, it is important to understand that this type of attack can happen anywhere in the world, and critical infrastructures like government and air transportation remain very sensitive targets,” Bitdefender said.
