Iranian threat actors are running a highly targeted cyber-espionage operation against global aerospace and telecommunications companies, stealing sensitive information from targets around Israel and the Middle East, as well as in the United States, Russia and Europe, according to a report published Wednesday by Israeli cybersecurity company Cybereason.
Cybereason identified the previously unknown state actor, dubbed MalKamak, running a sophisticated new form of malware that was previously unknown, during an incident response call for one of its clients, said Assaf Dahan, head of the cyber-threat research group at Cybereason.
The campaign has been running since at least 2018, and has likely succeeded in gathering large amounts of data from carefully chosen targets, Dahan said.
“The investigation began after Cybereason’s Incident Response Research Team was called in to assist one of the attacked companies,” Dahan said. “During the incident and after installing our technology on the organization’s computers, we identified sophisticated and new damage that has yet to be seen or documented. Deep investigative work found that this is just one part of an entire Iranian intelligence campaign that has been conducted in secret and under the radar for the past three years.
Click here to read more.
Source: Jerusalem Post