A set of malicious tools, along with a list of potential targets and victims, belonging to an advanced persistent threat group dubbed OilRig has leaked online. The group, apparently backed by Iran, has been active in the Middle East, analysts say. The leaked tools and source code have been available online since at least mid-March, according to security analysts. It’s not clear how the leaked material was exposed, but it has been available on Telegram and Github since March. The APT group is primarily known for using DNS tunneling to funnel malware and other malicious data through a target server.”]
Source: https://www.cuinfosecurity.com/leak-exposes-oilrig-apt-groups-tools-a-12397