Iranian Cyber Threat Group Drops New Backdoor, 'BugSleep'
The group — which has targeted Israel, Saudi Arabia, and other nations — often uses spear phishing and legitimate remote management tools but is developing a brand-new homegrown toolset.
Coverage of cybersecurity incidents, policy, privacy, public services, advisories, and regional effects connected to Iran.
Search across headline titles and summaries.
Background for this topic.
Iran covers cybersecurity and information-security developments connected to Iran, including incidents, policy, privacy, advisories, research, and news affecting organizations, public services, and digital systems in the area.
For practitioners, the tag provides geographic context for developments involving Iran's organizations, services, partners, and users. Individual articles provide the specific technologies, threats, sectors, and operational implications relevant to each development.
The group — which has targeted Israel, Saudi Arabia, and other nations — often uses spear phishing and legitimate remote management tools but is developing a brand-new homegrown toolset.
The Iranian APT group has shifted away from using legitimate remote monitoring tools to compromise its victims
The Iranian nation-state actor known as MuddyWater has been observed using a never-before-seen backdoor as part of a recent attack campaign, shifting away from its well-known tactic of deploying legitimate remote monitoring and management (RMM) software for maintaining persistent access