GreenCharlie Infrastructure Linked to US Political Campaign Targeting
An analysis by Insikt Group revealed a significant surge in cyber threat activity from GreenCharlie, an Iran-linked group associated with Mint Sandstorm, Charming Kitten, and APT42. The group persistently targets US political and governmental entities through sophisticated phishing operations involving malware such as GORBLE and POWERSTAR. Its infrastructure relies on dynamic DNS providers and deceptive domain themes to facilitate phishing attacks. Recorded Future's Network Intelligence identified Iran-based IP addresses communicating with GreenCharlie's infrastructure, further suggesting Iranian involvement in these operations.