Microsoft: Iranian hackers target researchers with new MediaPl malware
Posted: Thu Jan 18, 2024 12:20 am
Microsoft says that a group of Iranian-backed state hackers are targeting high-profile employees of research organizations and universities across Europe and the United States in spearphishing attacks pushing new backdoor malware.
The attackers, a subgroup of the notorious APT35 Iranian cyberespionage group (also known as Charming Kitten and Phosphorus) linked to the Islamic Revolutionary Guard Corps (IRGC), sent custom-tailored and difficult-to-detect phishing emails via previously compromised accounts.
"Since November 2023, Microsoft has observed a distinct subset of Mint Sandstorm (PHOSPHORUS) targeting high-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and the United States," Microsoft said.
[...]
Microsoft: Iranian hackers target researchers with new MediaPl malware
The attackers, a subgroup of the notorious APT35 Iranian cyberespionage group (also known as Charming Kitten and Phosphorus) linked to the Islamic Revolutionary Guard Corps (IRGC), sent custom-tailored and difficult-to-detect phishing emails via previously compromised accounts.
"Since November 2023, Microsoft has observed a distinct subset of Mint Sandstorm (PHOSPHORUS) targeting high-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and the United States," Microsoft said.
[...]
Microsoft: Iranian hackers target researchers with new MediaPl malware