Two Iran-backed APTs could be working together on a sprawling, three-year campaign to compromise high-value organizations from the IT, telecom, oil and gas, aviation, government and security sectors in Israel and around the world, according to a report by researchers at ClearSky.
They maintain that APT34/OilRig and APT33/Elfin appear to be linked to the campaign, which they dubbed Fox Kitten. The offensive has resulted in the establishment of a highly developed and persistent infrastructure of access to company networks, which has been used for reconnaissance and espionage, they said. However, it’s also the perfect launchpad for the deployment of destructive malware such as ZeroCleare and Dustman, both of which have been linked to the APTs, researchers noted.
Source: ThreatPost