A newly discovered Iranian hacking group has waged a campaign to steal information from companies in the Middle East, the US, Europe, and Russia since 2018, according to cybersecurity researchers.
Bloomberg Law reported on research prepared by several technical specialists indicating that a group of Iranian hackers exploited extensive technical vulnerabilities in the cloud network of the Dropbox file storage service.
They were able to access essential data belonging to several aerospace and telecommunications companies in the Middle East, the US, Europe, and Russia.
The Iran-based hacking group, dubbed MalKamak, disguised its activities in Dropbox and has operated since 2018.
The intrusions analyzed by the specialists suggest that the motivation is cyberespionage against a very small set of carefully selected targets. This is supported by the fact that very few samples have been found in telemetry or in the wild since 2018, in contrast to commodity malware, which can usually be found in abundance.
The group's malware has been under ongoing development since at least 2018, with several iterations that introduced new functionality, while it evaded antivirus tools and managed to remain undetected and publicly unknown.
Source » trackpersia