All news with #minibike tag

Iran-linked UNC1549 Compromises 34 Devices in Telecoms

🔒 PRODAFT links a recruitment-themed espionage campaign to an Iran-affiliated cluster tracked as Subtle Snail and attributed to UNC1549 (aka TA455), reporting infiltration of 34 devices across 11 telecommunications organizations in Canada, France, the UAE, the UK and the US. Operators posed as HR recruiters on LinkedIn and delivered a ZIP-based dropper that uses DLL side-loading to install the modular backdoor MINIBIKE, which harvests credentials, browser data, screenshots, keystrokes and system details. MINIBIKE communicates with C2 infrastructure proxied through Azure services, employs anti-analysis measures and achieves persistence via registry modifications to enable long-term access and data exfiltration.