Security researchers have uncovered a new cyber-espionage campaign against foreign diplomats in Iran, using malware linked to a well-known APT group.
Kaspersky Lab researcher Denis Legezo claimed the campaign was indicative of hackers in emerging regions using “homebrew” malware combined with publicly available tools.
In this case, they use an improved version of the Remexi backdoor, first reported in 2015, which enables them to harvest keystrokes, take screenshots, exfiltrate credentials, log-ins and browser history, and execute remote commands.
By Phil Muncaster