Iranian cyber espionage group UNC1549, also known as Subtle Snail, has launched a targeted campaign against European telecommunication firms using LinkedIn and sophisticated backdoor malware. This campaign focuses on long-term espionage, data theft, and maintaining persistent access to critical networks.
Key points
- UNC1549 is an Iran-nexus group focused on telecommunications and aerospace espionage.
- The attackers use LinkedIn for reconnaissance and spear-phishing to deploy malware like MINIBIKE.
- Malware techniques include DLL side-loading, cloud proxy communication, and anti-analysis measures.
- The campaign aims to steal sensitive data and maintain long-term access for strategic espionage.
- Other Iranian groups like MuddyWater are also utilizing bespoke backdoors and advanced malware tools.
Read More: https://thehackernews.com/2025/09/unc1549-hacks-34-devices-in-11-telecom.html