Tag: iran
-
Charming Kitten Leak Reveals Key Operatives, Front Firms, and Massive Global Compromise
The latest materials from the Charming Kitten network access reveal three significant findings that expand our understanding of Iran’s APT35 cyber operations: complete salary records for operative teams, expanded surveillance platform capabilities, and a classified 2004 document connecting Iran’s obtained IAEA inspection materials to Department 40 assassination targeting. The leaked materials document unprecedented compensation data…
-
Officials offer $10M reward for information on IRGC-linked leader and close associate
Mohammad Bagher Shirinkar and Fatemeh Sedighian Kashi are accused of maintaining a close relationship planning and conducting cyberattacks of interest to the Iranian government. First seen on cyberscoop.com Jump to article: cyberscoop.com/shahid-shushtari-iran-cyber-electronic-command-10m-reward/
-
Operation Kitten: Hacktivist Groups Targeting Israel with Cyberattacks
A new platform known as the “kitten” project has emerged as a coordination hub for hacktivist campaigns targeting Israel, operating at the intersection of cyber activism and state-aligned influence. While the operators publicly deny direct ties to Iran, technical evidence and infrastructure traces indicate a close relationship with an Iranian cybersecurity ecosystem and pro-Iranian hacktivist…
-
MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign
The Iranian hacking group known as MuddyWater has been observed leveraging a new backdoor dubbed UDPGangster that uses the User Datagram Protocol (UDP) for command-and-control (C2) purposes. The cyber espionage activity targeted users in Turkey, Israel, and Azerbaijan, according to a report from Fortinet FortiGuard Labs. “This malware enables remote control of compromised systems by allowing First…
-
‘MuddyWater’ Hackers Target Israeli Orgs With Retro Game Tactic
Iran’s top state-sponsored APT is usually rather crass. But in a recent spate of attacks, it tried out some interesting evasion tactics, including delving into Snake, an old-school mobile game. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/muddywater-hackers-israeli-orgs-retro-game
-
How Companies Are Arming Themselves Against New AI Threats
Tags: ai, china, cyberattack, cybersecurity, hacker, hacking, injection, iran, ml, penetration-testing, phishing, risk, tool, vulnerability. AI is not only a tool for hackers; it can also become a threat itself. In the world of cybersecurity there is a basic principle that may sound contradictory at first glance: “We hack before cybercriminals get the opportunity to.” To put this into practice and protect production lines or machines, companies such as Siemens rely on two…
-
Iran-linked hackers target Israeli, Egyptian critical infrastructure through phishing campaign
Active between September 2024 and March 2025, the operation primarily targeted organizations in Israel’s technology, engineering, local government, educational and manufacturing sectors. First seen on therecord.media Jump to article: therecord.media/iran-linked-hackers-target-israel-egypt-phishing
-
MuddyWater strikes Israel with advanced MuddyViper malware
Iran-linked threat actor MuddyWater targeted multiple Israeli sectors with a new MuddyViper backdoor in recent attacks. ESET researchers uncovered a new MuddyWater campaign targeting Israeli organizations and one confirmed Egyptian target. The Iran-linked APT group MuddyWater (aka SeedWorm, TEMP.Zagros, Mango Sandstorm, TA450, and Static Kitten) deployed custom tools to evade defenses and maintain persistence. They used a Fooder loader,…
-
Iran-Linked Hackers Hit Israeli Sectors with New MuddyViper Backdoor in Targeted Attacks
Israeli entities spanning academia, engineering, local government, manufacturing, technology, transportation, and utilities sectors have emerged as the target of a new set of attacks undertaken by Iranian nation-state actors that have delivered a previously undocumented backdoor called MuddyViper. The activity has been attributed by ESET to a hacking group known as MuddyWater (aka Mango First seen…
-
Iran Hackers Take Inspiration From Snake Video Game
MuddyWater Hides Malware With Game Delay Technique. Iranian nation-state hackers took inspiration from a mobile phone time-killing mainstay, say security researchers who spotted hackers downloading malware masquerading as the Snake video game. A callback to the game isn’t nostalgia, say researchers at Eset. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/iran-hackers-take-inspiration-from-snake-video-game-a-30177
-
MuddyWater cyber campaign adds new backdoors in latest wave of attacks
ESET researchers say an Iran-aligned threat group is refining its playbook again, and the latest activity shows how much its tactics have shifted. MuddyWater is a long-running … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/02/eset-muddywater-cyber-campaign/
-
UNMASKED: Massive Leak Exposes Iran’s ‘Department 40’ Cyber-Terror Unit
The post UNMASKED: Massive Leak Exposes Iran’s ‘Department 40’ Cyber-Terror Unit appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/unmasked-massive-leak-exposes-irans-department-40-cyber-terror-unit/
-
Iran Exploits Cyber Domain to Aid Kinetic Strikes
The country deploys cyber-enabled kinetic targeting prior to, and following, real-world missile attacks against ships and land-based targets. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/iran-exploits-cyber-domain-kinetic-strikes
-
APT35 Data Leak Uncovers the Iranian Hacker Group’s Operations and Tactics
In October 2025, a significant breach exposed internal operational documents from APT35, also known as Charming Kitten, revealing that the Iranian state-sponsored group operates as a bureaucratized, quota-driven cyber-espionage unit with hierarchical command structures, performance metrics, and specialized attack teams. The leaked materials provide an unprecedented window into how this Islamic Revolutionary Guard Corps Intelligence…
-
Inside Iran’s Cyber Objectives: What Do They Want?
The regime’s cyber-espionage strategy employs dual-use targeting, collecting info that can support both military needs and broader political objectives. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/iran-cyber-objectives
-
Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks
Iran-linked actors mapped ship AIS data ahead of a missile strike attempt, highlighting the rise of cyber operations enabling real-world attacks. Iran-linked threat actors mapped ship Automatic Identification System (AIS) data shortly before an attempted missile strike, showing how Tehran-aligned groups use cyber operations to support and amplify real-world kinetic attacks. The research demonstrates that…
-
Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt
Threat actors with ties to Iran engaged in cyber warfare as part of efforts to facilitate and enhance physical, real-world attacks, a trend that Amazon has called cyber-enabled kinetic targeting. The development is a sign that the lines between state-sponsored cyber attacks and kinetic warfare are increasingly blurring, necessitating the need for a new category of…
-
Iranian APT hacks helped direct missile strikes in Israel and the Red Sea
MuddyWater uses hacked CCTV cameras to help guide missiles: Amazon also found supporting threat intel evidence for another Iran-linked incident involving cyber espionage and missile strikes that has received some official confirmation. After the US strikes against Iran’s nuclear sites in June, Iran retaliated by launching a barrage of missiles against Israel, targeting cities such as…
-
Iranian APT UNC1549 Infiltrates Aerospace by Hijacking Trusted DLLs and Executing VDI Breakouts
The post Iranian APT UNC1549 Infiltrates Aerospace by Hijacking Trusted DLLs and Executing VDI Breakouts appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/iranian-apt-unc1549-infiltrates-aerospace-by-hijacking-trusted-dlls-and-executing-vdi-breakouts/
-
Google Finds New Malware Backdoors Linked to Iran
Hacking Group Deploys Raft of Custom Malware Variants. An Iranian state hacking group with a history of targeting aerospace, aviation and defense industries across the Middle East has improved its tooling with multiple custom malware variants, warned Google. The group, tracked as UNC1549, is suspected of ties to the Iranian Revolutionary Guard Corps. First seen…
-
Iran-Nexus Threat Actor UNC1549 Takes Aim at Aerospace
Researchers say Israel remains a central focus, with UNC1549 targeting aerospace and defense entities in the US, the UAE, Qatar, Spain, and Saudi Arabia. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/iran-nexus-threat-actor-unc1549-takes-aim-aerospace

