Threats Feed

The WezRat malware, attributed to the Iranian group Emennet Pasargad, has targeted organizations in Israel, the US, France, and Sweden across sectors such as telecommunications, streaming services, and athletics. Delivered via phishing campaigns impersonating the Israeli National Cyber Directorate, WezRat employs modular functionality for data theft, command execution, and surveillance. The group also leveraged disinformation campaigns, hacking SMS services, IPTV systems, and display providers to broadcast propaganda. Recent campaigns include a fake Chrome update targeting Israeli entities. The malware employs obfuscation, persistence mechanisms, and C&C communication to evade detection and maintain control.

The Iranian cyber group Emennet Pasargad, also known as Aria Sepehr Ayandehsazan, targeted sectors in Israel and the United States, employing new tactics such as cover personas and fictitious hosting providers. Its operations included cyber-enabled influence campaigns during the 2024 Olympics and the collection of IP camera data to amplify psychological impact. Emennet Pasargad created custom personas, such as "Cyber Court," to support hacktivist activities and targeted U.S.-based streaming services for influence operations. They also leveraged open-source information on Israeli personnel to increase targeting precision, demonstrating an advanced combination of infrastructure obfuscation, influence tactics, and direct compromise efforts.

The Iranian cyber group Emennet Pasargad, also known as Aria Sepehr Ayandehsazan, targeted sectors in Israel and the United States, employing new tactics such as cover personas and fictitious hosting providers. Its operations included cyber-enabled influence campaigns during the 2024 Olympics and the collection of IP camera data to amplify psychological impact. Emennet Pasargad created custom personas, such as "Cyber Court," to support hacktivist activities and targeted U.S.-based streaming services for influence operations. They also leveraged open-source information on Israeli personnel to increase targeting precision, demonstrating an advanced combination of infrastructure obfuscation, influence tactics, and direct compromise efforts.

The Iranian cyber group Emennet Pasargad, also known as Aria Sepehr Ayandehsazan, targeted sectors in Israel and the United States, employing new tactics such as cover personas and fictitious hosting providers. Its operations included cyber-enabled influence campaigns during the 2024 Olympics and the collection of IP camera data to amplify psychological impact. Emennet Pasargad created custom personas, such as "Cyber Court," to support hacktivist activities and targeted U.S.-based streaming services for influence operations. They also leveraged open-source information on Israeli personnel to increase targeting precision, demonstrating an advanced combination of infrastructure obfuscation, influence tactics, and direct compromise efforts.