Iran-linked hackers target Kurdish and Iraqi officials in long-running cyberespionage campaign

A suspected Iran-linked cyberespionage group called BladedFeline has been targeting Kurdish and Iraqi government officials since 2017, expanding its operations across the Middle East. The group employs malware tools such as Shahmaran, Whisper, and PrimeCache to breach and maintain access to sensitive government networks. #BladedFeline #OilRig #IranianThreatActors #KurdistanGovernment #IraqCyberespionage

Key points

  • BladedFeline is a subgroup of the Iranian threat actor OilRig operating since 2017.
  • The group targets Kurdish, Iraqi, and Uzbek organizations for cyberespionage activities.
  • Malware tools like Shahmaran, Whisper, and PrimeCache are used to compromise systems.
  • The hackers may exploit internet-facing servers through webshells like Flog.
  • OilRig has a history of targeting critical infrastructure and government sectors in the Middle East.

Read More: https://therecord.media/iran-linked-hackers-target-kurdish-iraq-cyber-espionage