top of page
  • Clipeus

APT33 Targets Defense Contractors



On 21 December 2023, Microsoft Threat Intelligence team published an X post which attributes a novel backdoor dubbed "FalseFont" to APT33 (a.k.a. "Refined Kitten," "Peach Sandstorm").


Microsoft X Post, 21 December 2023


Microsoft-provided intelligence indicates FalseFont is being actively used in an Iranian state-sponsored global espionage operation which targets defense contractors globally. The backdoor was first observed as early as November 2023.


Earlier this year, Microsoft reported a vast Iran-backed campaign targeting satellite, defense, and pharmaceutical sectors via password spraying attacks.


Comments


Commenting has been turned off.

If you are interested in specifics or additional insights on the threats above or any other threat, please visit our dedicated service page or reach out to info@clipeusintelligence.com with your inquiry. We would be glad to assist you

bottom of page