Iran-linked BladedFeline hits Iraqi and Kurdish targets with Whisper and Spearal malware

An Iran-aligned hacking group has been attributed to a new set of cyber attacks targeting Kurdish and Iraqi government officials in early 2024.

The activity is tied to a threat group ESET tracks as BladedFeline, which is assessed with medium confidence to be a sub-cluster within OilRig, a known Iranian nation-state cyber actor. It’s said to be active since September 2017, when it targeted officials associated with the Kurdistan Regional Government (KRG).

“This group develops malware for maintaining and expanding access within organizations in Iraq and the KRG,” the Slovak cybersecurity company said in a technical report shared with The Hacker News.

Read more at The Hacker News