Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa.
Iran-Linked APT34 Spy Campaign Targets Saudis
The Menorah malware can upload and download files, as well as execute shell commands.
A phishing campaign which drops cyber espionage malware is taking aim at users in the Middle East.
The campaign is mounted by the infamous advanced persistent threat known as APT34 (aka OilRig, Helix Kitten, Cobalt Gypsy), and employs a custom tool that researchers have dubbed "Menorah." This malware is capable of identifying the target's machine, reading and uploading files from the machine, and downloading other files or malware.
According to research by Trend Micro, the document used in the attack contains pricing information in Saudi Riyal, which could indicate at least one targeted victim is inside Saudi Arabia.
Linked to Iran, APT34 typically focuses on collecting sensitive intelligence, and has been involved in high-profile cyberattacks against a diverse range of targets in the Middle East, including government agencies, critical infrastructure, telecommunications, and key regional entities.
Trend Micro's researchers said that a changing of tactics and tools is typical of APT groups and demonstrates their resources and varied skills. Being able to create new pieces of malware and tools allows such groups to continuously deploy new techniques "to ensure success in intrusions, stealth, and cyberespionage."
Read more about:
DR Global Middle East & AfricaAbout the Author(s)
You May Also Like
Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024Finding Your Way on the Path to Zero Trust
May 22, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024