07 December 2023
Iranian hackers target energy sector with new DNS backdoor
The Iranian Lycaeum APT hacking group uses a new .NET-based DNS backdoor to conduct attacks on companies in the energy and telecommunication sectors.
A recent analysis by Zscaler presents a new DNS backdoor based on the DIG.net open-source tool to carry out "DNS hijacking" attacks, execute commands, drop more payloads, and exfiltrate data. The Iranian hackers are expected to continue participating in these information-collection campaigns that often involve multiple threat groups from the country.
Read more about it: here