"Iran-Linked APT34 Spy Campaign Targets Saudis"

A phishing campaign that spreads cyber espionage malware is aimed at users in the Middle East. The campaign is conducted by the Advanced Persistent Threat (APT) tracked as APT34, also known as OilRig, Helix Kitten, and Cobalt Gypsy. The APT uses a tool that researchers have dubbed "Menorah." This malware can identify the target's machine, access and upload files, and download additional files and malware. According to Trend Micro, the document used in the attack contains pricing information in Saudi Riyal, suggesting that at least one of the victims is in Saudi Arabia. APT34, which has been linked to Iran, typically collects sensitive intelligence and has launched high-profile cyberattacks against various targets in the Middle East, including government agencies, critical infrastructure, telecommunications, and key regional entities. This article continues to discuss findings regarding the Iran-linked APT34 spy campaign.

Dark Reading reports "Iran-Linked APT34 Spy Campaign Targets Saudis"

Submitted by grigby1