Novel Spy Group Targets Telecoms in 'Precision-Targeted' Cyberattacks


Aug 17, 2017
A previously unknown threat actor is targeting telecommunications companies in the Middle East in what appears to be a cyber-espionage campaign similar to many that have hit telecom organizations in multiple countries in recent years.

Researchers from SentinelOne who spotted the new campaign said they're tracking it as WIP26, a designation the company uses for activity it has not been able to attribute to any specific cyberattack group. In a report this week, they noted that they had observed WIP26 using public cloud infrastructure to deliver malware and store exfiltrated data, as well as for command-and-control (C2) purposes.

The security vendor assessed that the threat actor is using the tactic — like many others do these days — to evade detection and make its activity harder to spot on compromised networks. "The WIP26 activity is a relevant example of threat actors continuously innovating their TTPs [tactics, techniques and procedures] in an attempt to stay stealthy and circumvent defenses," the company said.
