"Iran-Linked APT34 Spy Campaign Targets Saudis"
"Iran-Linked APT34 Spy Campaign Targets Saudis"
A phishing campaign that spreads cyber espionage malware is aimed at users in the Middle East. The campaign is conducted by the Advanced Persistent Threat (APT) tracked as APT34, also known as OilRig, Helix Kitten, and Cobalt Gypsy. The APT uses a tool that researchers have dubbed "Menorah." This malware can identify the target's machine, access and upload files, and download additional files and malware. According to Trend Micro, the document used in the attack contains pricing information in Saudi Riyal, suggesting that at least one of the victims is in Saudi Arabia.