An Iranian threat actor has unleashed a new cyberespionage campaign against a possible Lebanese target with a backdoor capable of exfiltrating sensitive information. Cybersecurity firm Check Point attributed the operation to APT34, citing similarities with previous techniques used by the threat actor as well as based on its pattern of victimology. The group typically resorts to targeting individuals through the use of booby-trapped job offer documents, delivered directly to the victims via LinkedIn messages. The latest campaign bears some of the same hallmarks, but the exact mode of delivery remains unclear as yet.
Source: https://thehackernews.com/2021/04/researchers-uncover-new-iranian-malware.html