Threat Advisories

PowerExchange Backdoor and Web Shells Breach at UAE Government Agency

May 29, 2023

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

A high-severity attack targeted a UAE government agency, utilizing a custom PowerShell backdoor named PowerExchange and web shells on Microsoft Exchange servers.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

Pikabot A Stealthy Backdoor with Ingenious Evasion Tactics

Buhti Ransomware Operation Repurposes Leaked Encryptors