Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the neve domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/vhosts/sigmacybersecurity.com/httpdocs/wp-includes/functions.php on line 6114
Charming Kitten targets critical infrastructure in US and elsewhere with BellaCiao malware - Sigma Cyber Security
Skip to content

Charming Kitten targets critical infrastructure in US and elsewhere with BellaCiao malware

Iranian state-sponsored hacking group Charming Kitten has been identified as the group behind a series of attacks targeting critical infrastructure in the United States and elsewhere. The group, also known by a variety of other names, has been actively operating since 2011 and has targeted activists, journalists, and organisations in multiple countries.

Earlier this month, Microsoft announced the group had been linked to cyber attacks on US critical infrastructure. Now, according to a new report from security researchers at anti-virus firm Bitdefender, a new weapon has been added to the group’s arsenal. The weapon is custom-developed malware known as BellaCiao, which is designed to evade detection and contains unique code.

The malware contains specific company names, specially-crafted subdomains, and associated IP addresses, and it attempts to disable Microsoft Defender, open backdoors, launch further attacks, and exfiltrate credentials. It is not known as yet how the group is initially intruding into networks to plant the malware.

Organisations should take precautions to ensure their systems are well-maintained, have strong and unique passwords, and are patched against software vulnerabilities.

In summary, Iranian state-sponsored hacking group Charming Kitten has been linked to a series of attacks targeting critical infrastructure in the US and elsewhere. The group has added a new weapon to its arsenal in the form of custom-developed malware called BellaCiao, which can evade detection, open backdoors, and exfiltrate credentials. Organisations should take precautions to ensure their systems are secure and protected against potential threats.

Key Points:
• Charming Kitten is a state-sponsored hacking group from Iran
• The group has been linked to attacks on US critical infrastructure
• The group has developed custom-developed malware called BellaCiao
• BellaCiao is designed to evade detection and open backdoors
• Organisations should take precautions to ensure their systems are secure

Leave a Reply

Your email address will not be published. Required fields are marked *