Malicious Life Podcast: Operation GhostShell - An Iranian Espionage Campaign

Malicious Life Podcast: Operation GhostShell - An Iranian Espionage Campaign

In July 2021, Nocturnus - the Cybereason Threat Research and Intelligence team - was called to investigate an espionage campaign targeting Aerospace and Telecommunications companies globally. Their investigation resulted in the discovery of a new threat actor dubbed MalKamak that has been operating since at least 2018, and a new and sophisticated RAT (remote access trojan) dubbed ShellClient that abuses Dropbox for C2 (command and control).

Article Link: Malicious Life Podcast: Operation GhostShell - An Iranian Espionage Campaign