Hackers associated with the Iranian government have focused attack efforts on IT and communication companies in Israel, likely in an attempt to pivot to their real targets.
The campaigns have been attributed to the Iranian APT group known as Lyceum, Hexane, and Siamesekitten, running espionage campaigns since at least 2018 [
1,
2].
In multiple attacks detected in May and July, the hackers combined social engineering techniques with an updated malware variant that would ultimately give them remote access to the infected machine.
In one case, the hackers used the name of a former HR manager at technology company ChipPC to create a fake LinkedIn profile, a clear indication that the attackers did their homework before starting the campaign.
![[correlate]](/data/avatars/m/79/79653.jpg?1556985072){kind=avatar}
