The U.S. government indictments, sanctions and detailing of TTPs were part of a wave of actions against Iran-linked threat actors that allegedly targeted critical infrastructure organizations since 2020.
Iranian threat actor TA453 has been sending spear-phishing emails that impersonate real individuals from Western foreign policy research institutions.
The White House and the Albanian government blamed Iranian government-supported actors for a July attack on Albania infrastructure, and said futrher action would be forthcoming.
The Iranian APT group known as Charming Kitten has been using a new tool called HYPERSCRAPE to steal the contents of Gmail, Yahoo, and Outlook 365 inboxes.
Meta has disrupted the operations of two Iranian threat actors, including UNC788 and a previously unidentified group, that were using the company's platforms to target a wide range of victims.