"Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant"

The Iranian threat actor APT34 has been linked to a new phishing attack that deploys a variant of the SideTwist backdoor. According to NSFOCUS Security Labs, APT34 has a high level of attack technology, the ability to design different intrusion methods for various targets, and supply chain attack capabilities. APT34, also known as Cobalt Gypsy, Hazel Sandstorm (formerly Europium), Helix Kitten, and OilRig, has been targeting telecommunications, government, defense, oil, and financial services verticals in the Middle East with spear-phishing lures that lead to the deployment of multiple backdoors since at least 2014. The hacking group's ability to create new and updated tools to reduce the likelihood of detection and maintain a foothold on compromised hosts for extended periods of time is one of its defining characteristics. This article continues to discuss the phishing campaigns linked to APT34. 

THN reports "Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant"