HomeLatest FeedsTechnology NewsIranian cyber spies attack America with a new backdoor

Iranian cyber spies attack America with a new backdoor



They use a new backdoor called FalseFont to carry out their actions.

Still on December 21st published it the Redmond threat intelligence team to spot a nation-state-sponsored gang called Peach Sandstrom trying to deliver (presumably Windows) malware to defense workers. “FalseFont is a unique backdoor that has several features that allow its user to remotely access an infected system, launch additional files, and send information to C2’s servers,” Microsoft said. It was first observed in early November 2023.

THE Mandiantwhich goes after the Iranian-backed crew as APT33, says it is targeting companies in the United States, Saudi Arabia and South Korea for strategic cyber espionage, particularly those in the commercial and military aviation and energy sectors linked to petrochemical production is interested in.

The APT33 malware has been identified as being linked to an Iranian individual who may have been employed by its government to carry out cyber-threat activities against its adversaries, according to an alert updated in October. Frequent password spraying (password spraying) experiments were conducted against thousands of organizations, and when the attacks were successful, Peach Sandstorm used a combination of publicly available and proprietary tools to sniff the network and move laterally into the victim’s IT systems. It was observed that data was also leaked from the attacked environment.

Mr.Mario
Mr.Mario
I am a tech enthusiast, cinema lover, and news follower. and i loved to be stay updated with the latest tech trends and developments. With a passion for cyber security, I continuously seeks new knowledge and enjoys learning new things.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Must Read