Threat Advisories:
🎧 Hive Force Labs: Critical Threats Affecting You This Week - 5 Minute Audio Intelligence Report
👥 Play Count: Loading...

Iranian OilRig Group Strikes with AutoHotkey Keylogger and Malicious Macro

Threat Level – Red | Vulnerability Report
Download PDF

In a recent intrusion, a threat actor utilized AutoHotkey to launch a keylogger. The Iranian OilRig group is suspected to be the culprit behind this attack. The initial compromise was initiated with a malicious VBA macro embedded in a Word document.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox

Cybersecurity Leaders Dinner at Houston

CTEM for CISOs in 2025, brought to life by Al Lindseth.

Tuesday, October 7th, 2025
6.00 pm to 9.00 pm
Del FRISCOS Double Eagle Steakhouse, Houston TX