Report Says Iranian Hackers Targeting Israeli Defense Sector
Cybersecurity researchers identified a suspected Iranian espionage campaign targeting aerospace, aviation and defense industries across the Middle East, including in Israel and the United Arab Emirates.
Threat intelligence firm Mandiant published a report Tuesday night that links a threat actor tracked as UNC1549, allegedly associated with the Iranian Revolutionary Guard Corps, to a series of coordinated attacks targeting Middle East entities affiliated with the aerospace and defense sectors.
Ofir Rozmann, a senior researcher for Mandiant and a coauthor of the report, told Information Security Media Group that hackers "used decoys and lures" to gain initial access into targeted systems. They primarily used Microsoft Azure cloud infrastructure to communicate with their deployed back doors - a technique used to evade detection.