A campaign has been uncovered that looks like the work of Iran-based APT group Helix Kitten, aka OilRig and APT34. Initial analysis of likely OilRig-related observables revealed a phishing campaign targeting the oil and gas sector, as well as several other manufacturing and technology companies. While much remains unknown about this newly identified campaign. The campaign circulates around the executable sent to the users and make the inital access in the victim’s system.
Information Theft and Espionage