Iranian Hackers Sophisticated Malware Targets Windows and macOS Users

A fresh round of spear-phishing assaults that compromise the Windows and macOS operating systems have been connected to the Iranian nation-state actor known as TA453.In a recent research, Proofpoint stated that “TA453 eventually used a variety of cloud hosting providers to deliver a novel infection chain that deployed the recently identified PowerShell backdoor GorjolEcho.”

“TA453 attempted to start the NokNok infection chain, which had an Apple flavour, when given the chance to transmit its virus. In its never-ending search for intelligence, TA453 also used multiple persona impersonation. The download contains an LNK dropper that starts a multi-step process to implant GorjolEcho, which then displays a bogus PDF page while secretly awaiting subsequent payloads from a remote server.“TA453 attempted to start the NokNok infection chain, which had an Apple flavour, when given the chance to transmit its virus. In its never-ending search for intelligence, TA453 also used multiple persona impersonation. The download contains an LNK dropper that starts a multi-step process to implant GorjolEcho, which then displays a bogus PDF page while secretly awaiting subsequent payloads from a remote server.

Iranian Hackers Sophisticated Malware Targets Windows and macOS Users

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Iranian Hackers Sophisticated Malware Targets Windows and macOS Users

06-Jul-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address