OilRig Group Unleashes Three New Malware Strains

Summary:

The Iranian state-sponsored threat actor, commonly referred to as OilRig, implemented three distinct downloader malware variants throughout the year 2022. The primary objective was to sustain persistent access to targeted organizations located in Israel. OilRig demonstrated active development and deployment of a series of downloaders sharing a similar logic. The three new downloaders introduced were ODAgent, OilCheck, and OilBooster, in addition to updated versions of the SC5k downloader.

Threat Level – Red | Attack Report

For a detailed threat advisory, download the pdf file here

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.