Iran: Iranian threat actors who are believed to be linked to APT35 (Charming Kitten) uploaded training videos to an unsecured server. Discovered by researchers at IBM’s X-Force, the videos are believed to be used to train recruits for the threat actor. The videos that were found showed a range of techniques used by the group, including hijacking accounts using stolen credentials and how to export account data. Some of the victims in the videos were alerted to the attack by X-Force after the training videos showed 2-Factor-Authentication(2FA) being used to block intrusions. The videos were recorded using an application called BandiCam, which suggests that they were taken on purpose and ruled out the threat actors being infected by their malware by accident.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.