SecureList

JUNE 2, 2022

It primarily goes after targets located in China, such as foreign diplomatic organizations established in the country, members of the academic community, or companies from the defense, logistics and telecommunications sectors. Indicators of Compromise. WinDealer samples. MD5 : ce65092fe9959cc0ee5a8408987e3cd4.

Malware 113

Malware Encryption Social Engineering Telecommunications 113

SecureList

APRIL 27, 2021

The attackers used vulnerabilities in an SSL-VPN product to deploy a multi-layered loader we dubbed Ecipekac (aka DESLoader, SigLoader and HEAVYHAND). The victims we observed were all high-profile Tunisian organizations, such as telecommunications or aviation companies. We attribute this activity to APT10 with high confidence.

Malware 138

Malware Spyware Government Social Engineering 138

SecureList

NOVEMBER 14, 2022

From a different angle, reporting from The Intercept revealed mobile surveillance capabilities available to Iran for the purposes of domestic investigations that leverage direct access to (and cooperation of) local telecommunication companies. One of the major cyber-incidents of 2022 took place early this year: the Okta hack.

Firmware 106

Firmware Surveillance Mobile Telecommunications 106