Iron Tiger APT Group Updates SysUpdate Malware to Target Linux Platforms


Threat Level
Attack Report

For the detailed threat advisory, download the PDF file from HiveForce Labs.

Summary

The Iron Tiger group (aka APT27) updated its custom malware, SysUpdate, to target Linux platforms and evade security solutions. The group specifically targeted a vulnerability in a Wazuh-signed executable, using a complex loading process and new C&C communication through DNS TXT requests.