
    Iran’s Chafer APT Group attacks governments of Kuwait and Saudi Arabia

    Today, cybersecurity investigators detailed Iranian cyber espionage activities aimed at critical infrastructure in Kuwait and Saudi Arabia.

    Bitdefender said the information collection operation was conducted by Chafer APT, a group known for its attacks on the telecommunications and travel industries in the Middle East. The group seeks to collect personal information in line with Iran’s geopolitical interests. In a message, investigators said: “Victims of the attack fit into the actor’s preferred model, such as air transport and the Middle East government.”

     

    Last year’s FireEye report added to evidence that Chafer focused on telecommunications and tourism. The company said: “Telecommunications companies are attractive targets because they store large amounts of client and personal information; provide access to critical infrastructure used for communications, and can access a wide range of potential goals in various industries.”

     

    APT39 compromises its targets via spear-phishing emails with malicious attachments and uses various backdoor tools to escalate privileges, perform internal reconnaissance, and establish persistence in the victim’s environment, thereby destroying its targets.

     

    On the other hand, an attack on organizations in Saudi Arabia included the use of social engineering to trick victims into using remote control tools, some of which are similar to those used in Kuwait and Turkey.

     

    Investigators said: “Although this attack is not as widespread as in Kuwait, some court evidence suggests that the same attacker may have planned it.”

    “Despite evidence of network discovery, we cannot find any traces of lateral traffic, most likely because the actors in danger cannot find vulnerable cars.”

     

    The attacks in Kuwait and Saudi Arabia are a reminder that Iranian cyber-espionage shows no sign of slowing down. Given the critical nature of the industry, the Chafer movement continues its tendency to suppress countries that violate its national ambitions.

    Conclusion

    “While these two are the most recent attack examples happening in the Middle East, it is important to understand that this type of attack can happen anywhere in the world, and critical infrastructures like government and air transportation remain very sensitive targets,” Bitdefender said.
