WIP26 attacks Middle Eastern telecom service providers
Actor Report
Summary
The newly discovered WIP26 threat cluster is an espionage-focused group that has been concentrating on infiltrating Middle Eastern telecom companies. To evade detection, the group relies heavily on public cloud infrastructure to mask its malicious communication as legitimate. In addition, it uses the CMD365 and CMDEmber backdoors to gain access to its targets' networks.