Iranian Cyber Threat Actor Targets Iraqi Government Officials in AI-Powered Campaign
ATT&CK techniques detected
T1204.004Malicious Copy and Paste
77%
“prompted the victim to choose the “ webex for government ” option, luring the victim into following the instructions to retrieve the meeting id. these instructions are a typical social engineering method employed by threat actors to implement clickfix - style attacks. the second …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1204.002Malicious File
50%
“a winrar application, is present inside this archive and starts the attack chain on the endpoint. threatlabz called this binary splitdrop. this binary functions as a dropper for twintask and twintalk, two malicious dynamic - link library ( dll ) files. twintask ’ s main purpose i…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1059.001PowerShell
30%
“prompted the victim to choose the “ webex for government ” option, luring the victim into following the instructions to retrieve the meeting id. these instructions are a typical social engineering method employed by threat actors to implement clickfix - style attacks. the second …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign Affairs in a new cyber-attack