The Iranian group APT33 has recently been observed using a new malware strain, dubbed Tickler, to backdoor the networks of various organizations in the United States and the United Arab Emirates. Tickler is a custom, multi-stage backdoor that enables attackers to maintain persistent access and deploy additional malware onto compromised systems, thereby extending their control over the targeted environments. In these attacks, APT33 leveraged Microsoft Azure infrastructure for command-and-control (C2) purposes.
What’s new on HivePro
Get through updates and upcoming events, and more directly in your inbox