In early 2024, the Iranian-aligned hacking group BladedFeline has been linked to targeting Kurdish and Iraqi government officials. Tracked by ESET, this group is believed to be a subset of OilRig, having been active since 2017. It focuses on maintaining illicit access to officials through malware, particularly affecting Kurdish diplomatic entities and a telecommunications provider in Uzbekistan. Notably, BladedFeline employs various bespoke backdoors to execute commands on compromised systems, underlining its ongoing commitment to espionage against regional entities and officials, particularly in Iraq and its surroundings.
This group develops malware for maintaining and expanding access within organizations in Iraq and the KRG.
BladedFeline has invested heavily in gathering diplomatic and financial information from Iraqi officials.
Collection
[
|
...
]