article thumbnail

Iranian hackers target energy sector with new DNS backdoor

Bleeping Computer

The Iranian Lycaeum APT hacking group uses a new.NET-based DNS backdoor to conduct attacks on companies in the energy and telecommunication sectors. [.].

DNS 142
article thumbnail

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Security Affairs

Iran-linked Lyceum APT group uses a new.NET-based DNS backdoor to target organizations in the energy and telecommunication sectors. The Iran-linked Lyceum APT group, aka Hexane or Spilrin, used a new.NET-based DNS backdoor in a campaign aimed at companies in the energy and telecommunication sectors, ZScaler researchers warn.

DNS 145
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Sea Turtle Hackers Spy on Dutch ISPs and Telecommunication Companies

Heimadal Security

DNS hijacking and traffic redirection that leads to man-in-the-middle attacks are among their cyber espionage techniques. Their goal is to collect economic and political intelligence […] The post Sea Turtle Hackers Spy on Dutch ISPs and Telecommunication Companies appeared first on Heimdal Security Blog.

article thumbnail

Why You Need a Secondary DNS

Security Boulevard

Last month, a large Canadian telecommunications provider suffered a catastrophic outage for more than 18 hours. The post Why You Need a Secondary DNS appeared first on Security Boulevard. Many Canadians found themselves disconnected when cellular networks and the internet failed to respond—at home or at work.

DNS 93
article thumbnail

Lyceum.NET DNS Backdoor

Security Boulevard

Active since 2017, Lyceum group is a state-sponsored Iranian APT group that is known for targeting Middle Eastern organizations in the energy and telecommunication sectors and mostly relying on.NET based malwares. The threat actor then leverages the AutoClose() function to drop the DNS backdoor onto the system. Lyceum.NET DNS backdoor.

DNS 98
article thumbnail

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

” The DNS part of that moniker refers to the global “ D omain N ame S ystem ,” which serves as a kind of phone book for the Internet by translating human-friendly Web site names (example.com) into numeric Internet address that are easier for computers to manage. PASSIVE DNS.

DNS 270
article thumbnail

Alleged Iran-linked APT groups behind global DNS Hijacking campaign

Security Affairs

Security expert uncovered a DNS hijacking campaign targeting organizations in various industries worldwide and suspects Iranian APT groups. It is interesting to note that FireEye confirmed that this campaign is different from other operations carried out by Iranian APT groups due to the use of DNS hijacking at scale.

DNS 109