Iranian hackers expand espionage with social engineering and malware.
Iran’s APT42 hacking group has been targeting senior defense and government officials through social engineering, even extending attacks to family members to pressure primary targets. The campaign involves fake conference invitations that lead to credential theft or backdoor infections, with attackers building credibility through prolonged online interactions. Victims are often infected with the group’s TameCat malware, a modular PowerShell backdoor using Telegram and Discord for command-and-control, persistence, and data exfiltration. INDA reports the operation reflects a highly agile infrastructure designed for long-term espionage against high-value targets.