Cyber-Attacks Target Foreign Diplomats in Iran Using Locally-Produced Spyware

Published February 6th, 2019 - 01:05 GMT
The group used Windows-targeting surveillance-ware to monitor figures in the Middle East. (Shutterstock)

An operation targeting foreign diplomats in Iran has used Remexi, locally-produced spyware linked to a Farsi-speaking hacking group named Chafer. The group used Windows-targeting surveillance-ware to monitor figures in the Middle East.

A new build of the Remexi software has been spotted lurking on multiple machines within Iran, mostly those located within foreign embassy buildings.

Remexi was originally detected in 2015.

It can execute commands remotely and capture screenshots, browser data (including user credentials, login data and history) and any typed text.


Companies, institutions and diplomatic bodies should use an enterprise-class security solution that can detect and stop advanced targeted attacks by analyzing network data anomalies, giving security teams full visibility across the network, and automating response.

They must then provide security awareness initiatives so that staff members learn to identify suspicious messages, such as email, which is a common gateway to targeted attacks.

Diplomatic bodies must keep security teams informed of threats so that they remain up to date with the latest methods and tools used by cyber-criminals.
