Iranian hackers infiltrate US defense orgs using advanced cyber backdoor.

December 24, 2023
1 min read

Iranian cyberspies have targeted US defense organizations with a new backdoor called FalseFont, according to Microsoft. The malware allows operators to remotely access infected systems, launch additional files, and send information to command and control servers. The backdoor was first observed being used against targets in November 2023. The threat hunters at Mandiant, who track the Iran-backed group as APT33, say the group targets organizations in the US, Saudi Arabia, and South Korea for “strategic cyberespionage”. They have a particular interest in commercial and military aviation companies, as well as those in the energy sector with ties to petrochemical production.

Latest from Blog

44k Americans first to suffer data breach: Are you next?

TLDR: First American Financial Corporation disclosed a data breach affecting 44,000 individuals in December 2023. The company offered free credit monitoring and identity protection services to the affected individuals. The First American