Bitdefender investigators have today announced the discovery of a sophisticated espionage campaign that targets air transportation organisations and government entities in the Middle East. The actor behind the operation, Chafer APT, is a known Iranian-sponsored cyber espionage group, and its attacks have so far been geographically focused on the Middle East region. However, the complexity and success of these attacks highlight that this type of breach can occur anywhere in the world, and that critical government infrastructure and air transportation companies are severely at risk.
Please see here for an official whitepaper detailing the Chafer APT criminal campaign in full.
The attack stayed undiscovered for more than one and a half years, with the aim of exfiltrating sensitive data for ransom. In the Kuwait case, it's possible that the threat actors compromised the victim using tainted documents carrying shellcode, potentially disseminated through spear-phishing emails.