GoldenJackal APT group: A threat to government and diplomatic entities in the Middle East and South Asia
A new report from the cybersecurity firm Securelist identifies a previously undocumented APT group, named GoldenJackal, that has been active since at least 2019. The group is believed to be based in Iran and is known for targeting government and diplomatic entities in the Middle East and South Asia.

GoldenJackal has used a variety of techniques to compromise its targets, including phishing, spear phishing and watering-hole attacks. The group is also known to use custom malware, including backdoors, stealers and wipers.

In 2021, GoldenJackal was linked to a series of attacks against government and military entities in the United Arab Emirates. Those attacks relied on the same mix of phishing, spear phishing and watering-hole attacks, and on the same custom backdoors, stealers and wipers.

GoldenJackal is a sophisticated APT group that is capable of carrying out a variety of attacks. The group is believed to be state-sponsored, and its activities pose a serious threat to government and diplomatic entities in the Middle East and South Asia.

The Securelist report provides a detailed analysis of GoldenJackal's tactics, techniques, and procedures (TTPs). The report also provides recommendations for how organizations can protect themselves from GoldenJackal and other APT groups.

The report is available on the Securelist website.

Here are some additional details from the report:

  • GoldenJackal is believed to be a state-sponsored group, and its activities are likely directed by the Iranian government.
  • The group has been active since at least 2019 and has targeted a wide range of organizations, including government agencies, diplomatic missions and businesses.
  • GoldenJackal has used a variety of techniques to compromise its targets, including phishing, spear phishing and watering-hole attacks.
  • The group is also known to use custom malware, including backdoors, stealers and wipers.
  • GoldenJackal is a sophisticated APT group capable of carrying out a variety of attacks.
  • Organizations targeted by GoldenJackal could suffer significant damage, including data loss, financial loss and reputational damage.
