Prince of Persia Strikes Again: Infy’s Hidden Cyber Shenanigans Unveiled!
Infy, the notorious Iranian threat actor also known as Prince of Persia, is back in action with a vengeance. Latest findings reveal a stealthy campaign across multiple countries using their signature malware, Foudre and Tonnerre. This notorious group proves they’re more elusive, active, and dangerous than ever before.
Hot Take:
Who knew the Prince of Persia was still running around not just in video games but in cyber corridors of the internet too? Infy, the OG of the Iranian APT actors, is not just playing peek-a-boo anymore. They’re out here with a full dramatic saga, complete with phishing emails and Telegram groups. Someone call Netflix, there’s a new series in town!
Key Points:
- Infy, also known as Prince of Persia, is an Iranian APT group active since 2004.
- The group uses Foudre and Tonnerre malware strains to conduct attacks.
- Recent campaigns target countries including Iran, Iraq, Turkey, India, Canada, and parts of Europe.
- New tactics involve using a domain generation algorithm and RSA signatures for C2 infrastructure.
- Tonnerre now includes a mechanism to connect with a Telegram group for C2 communication.
Already a member? Log in here