"Molerats Group Wields Custom Cybertool to Steal Secrets in the Middle East"

TA402, also known as Molerats and Frankenstein, a pro-Palestinian cyber espionage group focused on compromising government targets in the Middle East, is using a sophisticated initial access downloader. According to Proofpoint researchers, TA402, which has been active for over a decade, is now using a new tool called IronWind. The group used it in three campaigns targeting systems within government agencies throughout the Middle East and Northern Africa. The group appears to have moved away from off-the-shelf tools toward more custom code aimed at a limited subset of government organizations. This article continues to discuss findings regarding the TA402 group.

Dark Reading reports "Molerats Group Wields Custom Cybertool to Steal Secrets in the Middle East"

Submitted by grigby1