"Iranian Hackers Use Poisoned VPN Apps to Target Mideastern Policy Experts"
Iranian threat actor Charming Kitten, also known as APT35, has targeted Middle East policy experts with a new backdoor called BASICSTAR, using fake webinar portals and social engineering tactics. The group, linked to Iran's Islamic Revolutionary Guard Corps (IRGC), has a history of deploying various backdoors and malware, including targeting high-profile individuals working on Middle Eastern affairs. The phishing attacks involved posing as legitimate organizations and using compromised email accounts, with the attackers showing a commitment to conducting surveillance on their targets. Additionally, Recorded Future uncovered IRGC's targeting of Western countries using a network of contracting companies specializing in surveillance and offensive technologies.