Microsoft Exchange, Outlook Under Siege By APTs

A new threat report shows that APTs are switching up their tactics when exploiting Microsoft services like Exchange and OWA, in order to avoid detection.

‘Chafer’ group advances espionage tactics by hacking Windows machines in Middle East

A hacking group has used a specific malware variant for the last three years to spy on “foreign diplomatic entities” operating inside Iran, advancing its reputation as an espionage group that previously targeted telecoms throughout the Middle East. The Chafer cyber espionage group deployed malware known as Remexi to steal user credentials, record keystrokes and browser history, and take covert screenshots on targeted machines through late 2018, according to Kaspersky research published Wednesday. Few specifics are known about the operation, including concrete details on how the malware spreads. However, Kaspersky’s new research builds on previous Symantec findings which determined that Chafer attacked telecommunication companies, an airline in the Middle East and at least one business in the U.S. The group now appears to be targeting Windows machines located inside Iran, Kaspersky said this week. “The vast new majority of the users targeted by this new variant of Remexi appear to have […]

The post ‘Chafer’ group advances espionage tactics by hacking Windows machines in Middle East appeared first on CyberScoop.


Another well-known hacking group using leaked NSA hacking tools

A familiar hacking group is using leaked NSA hacking tools and other cyberweapons in an increasingly active and ambitious strategy against its targets, according to a new report from Symantec. The group, known as “Chafer,” successfully compromised one of the biggest telecom firms in the Middle East last year in an attack that may have set up surveillance across the region. Chafer is linked to a group called OilRig, a highly active Iranian hacking group that’s shared command and control infrastructure and infection vectors with Chafer. The group may have been active as early as 2011. Chafer was first spotted in 2015 targeting mostly telecoms and airlines in the Middle East as well as at least one business in the United States. “We have seen a shift compared to where they were three years ago,” said Symantec Technical Director Vikram Thakur. “They used to attack a majority of targets within the country of Iran. […]

The post Another well-known hacking group using leaked NSA hacking tools appeared first on Cyberscoop.
