
APT34 Tightens Cyber Espionage Grip on Gulf with Kernel Exploitation

Red | Attack Report

APT34, the Iranian state-sponsored hacking group also known as Earth Simnavaz, has been seen exploiting CVE-2024-30088, a vulnerability in the Windows Kernel. The flaw is being used to target organizations in the United Arab Emirates and the broader Gulf region. The attackers exploit a vulnerable web server to upload a web shell, which allows them to execute remote code and run PowerShell commands. As part of this attack, APT34 has deployed a new backdoor called ‘StealHook’ to facilitate data exfiltration.
