Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia
Chafer APT is a threat group with an apparent Iranian link. It is known to be active since 2014, focusing on cyber espionage campaigns. Bitdefender has spotted the group targeting critical infrastructure from the Middle East, presumably for intelligence gathering. Bitdefender researchers have found attacks conducted by this actor in the Middle East region, dating back to 2018. The campaigns were based on several tools, including “living off the land” tools, which makes attribution difficult, as well as different hacking tools and a custom built backdoor. Download this Case Study and read about key findings such as: Campaign targeted air transportation and government. Attacker activity occurred on weekends. In the Kuwait attack, threat actors created their own user account. The Saudi Arabia attack relied on social engineering to compromise victims. The end goal of both attacks was likely data exploration and exfiltration
Read More
By submitting this form you agree to Bitdefender contacting you with marketing-related emails or by telephone. You may unsubscribe at any time. Bitdefender web sites and communications are subject to their Privacy Notice.
By requesting this resource you agree to our terms of use. All data is protected by our Privacy Notice. If you have any further questions please email dataprotection@techpublishhub.com
Related Categories: Data Security
More resources from Bitdefender
NAIKON: Traces from a Military Cyber-Espionage Operation
NAIKON is a threat actor that has been active for more than a decade. The group focuses on high profile targets such as government agencies and mil...
Introducing a Cyber Security Service For Home WiFi
The renewal cycle for home WiFi routers is lengthy and involves users upgrading to a newer model once every 3 to 5 years. A lack of touch points in...
Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia
Chafer APT is a threat group with an apparent Iranian link. It is known to be active since 2014, focusing on cyber espionage campaigns. Bitdefender...