Lebanese Cedar has compromised at least 250 public-facing servers since 2020, researchers said. The group has added new features to its custom Caterpillar webshell and the Explosive RAT remote access trojan (RAT) Researchers at ClearSky Security said they linked to the compromise of the public servers [PDF], which allowed widespread espionage. The United States, the United Kingdom, Jordan, Lebanon, Israel and the Palestinian Authority are among the targets.
Source: https://threatpost.com/hezbollah-lebanese-cedar-apt-servers/163555/