
"We have analytical indications that the presumed Iranian actors were scouting and gauging regional infrastructure vulnerabilities. These probes began in early February and targeted critical communication links for regional governments through highly sophisticated attacks against APIs and mobile applications."
"Iran also appeared to be in the process of staging malware to target entities in Israel and the Middle East prior to the air and sea strikes. This is pretty common for threat actors to stage their tools before executing."
"Check Point researchers observed digital intrusions deploying malware linked to an Iranian threat group tracked as Cotton Sandstorm, affiliated with the Islamic Revolutionary Guard Corps, with actors routinely using WezRat, a custom modular infostealer."
Following military strikes, Iranian cyber actors conducted significant digital operations targeting regional infrastructure and government communications. Security researchers identified sophisticated probing attacks against APIs and mobile applications beginning in early February, with attackers scouting vulnerabilities in conflict-region infrastructure. Iranian threat groups staged malware targeting Israeli and Middle Eastern entities prior to military action. Check Point researchers tracked digital intrusions deploying malware linked to Cotton Sandstorm, an Iranian threat group affiliated with the Islamic Revolutionary Guard Corps. Threat intelligence analysts warn that cyber attacks against American organizations are inevitable as the conflict continues, with expected escalation in DDoS attacks, disinformation campaigns, and ransomware operations.
#iranian-cyber-attacks #ddos-and-malware-operations #regional-infrastructure-targeting #threat-intelligence #geopolitical-cyber-warfare
Read at The Register