Suspected Iranian Threat Actor UNC1549 Targets Israeli and Middle East Aerospace and Defense Sectors

This blog details suspected Iranian espionage activity since June 2022 targeting aerospace, aviation, and defense entities in Israel, the UAE, and potentially Turkey, India, and Albania. The campaign uses social engineering to deploy two backdoors, MINIBIKE and MINIBUS, and makes extensive use of Azure infrastructure for command and control. The activity shows potential links to the Iranian actor UNC1549, which overlaps with IRGC-affiliated Tortoiseshell. The targeting focuses on sectors of strategic interest to Iran, and the evasion tactics aim to mask the malicious operations.