Date: 2025-06-06

Threat Intelligence

Multi-year cyberespionage campaign launched by BladedFeline APT

Iraqi and Kurdish government officials have been targeted by suspected Iranian cyberespionage operation BladedFeline since 2017, reports The Record, a news site by cybersecurity firm Recorded Future.

BladedFeline, a suspected OilRig subgroup, is believed to have initially compromised Kurdistan Regional Government (KRG) systems through vulnerability exploitation, and that foothold has allowed it to bolster its attack arsenal, an analysis from ESET revealed. After being discovered to have launched the rudimentary Shahmaran backdoor against Kurdish diplomats two years ago, BladedFeline has since deployed the more sophisticated Whisper and PrimeCache tools. Whisper allows email attachment-based communications, while PrimeCache resembles OilRig's RDAT backdoor.

"The KRG's diplomatic relationship with Western nations, coupled with the oil reserves in the Kurdistan region, makes it an enticing target for Iran-aligned threat actors to spy on and potentially manipulate," said ESET researchers.

The findings come after OilRig, also known as APT34 or Hazel Sandstorm, was reported to have escalated intrusions against the United Arab Emirates and the Persian Gulf.

