CyberNews Briefs

Chafer APT Takes Aim at Diplomats in Iran with Improved Custom Malware

New research from Kaspersky Lab sheds light on a cyber-espionage campaign conducted by Chafer, an Iranian Advanced Persistent Threat (ATP). Throughout autumn of last year, the threat group carried out attacks against embassies in Iran involving a custom version of the Remexi spyware.

Remexi can log keystrokes, take screenshots and steal web cookies and browser history on infected devices. The latest version of the spyware used by Chafer includes various threads or modules that can execute different tasks on a targeted device. The spyware makes use of legitimate Microsoft tools and processes, an increasingly popular tactic known as ‘living off the land’.

Read more: Chafer APT Takes Aim at Diplomats in Iran with Improved Custom Malware

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.