Iran-linked Lyceum Group adds a new weapon to its arsenal. [Research Saturday]
CyberWire Daily
00:00
Is It an Efficient Way to Do Things?
The group is known to maintain persistence in the victim and ament. So it's reasonable to assume that some of the goverment sector organizations were being targeted. The only communication that's going out as a result of this backtor, as i mentioned, is danas protocols on the network leret well, you're not seeing some suspicious activity. Its all danesqueries. And how are they maintaining persistence on the machines that they ere able to infect? Yes, they will. A once the user falls for the the fishing emarit and the link gets down loaded,. In case of p df or or the macro document, the malicious bactor will get down loaded.
Play episode from 07:28
Transcript
