Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware
Summary
A threat actor linked to Iran, dubbed Dust Specter by Zscaler ThreatLabz, is targeting Iraqi government officials with new malware. The campaign uses fake Ministry of Foreign Affairs communications to deliver the SPLITDROP and GHOSTFORM malware.
IFF Assessment
FOE
The discovery of new malware and a targeted campaign against government officials represents an increased threat to defenders.
Defender Context
This campaign highlights the ongoing threat of nation-state backed attacks and sophisticated social engineering techniques. Defenders should be vigilant against spear-phishing attempts, especially those impersonating government entities, and ensure robust endpoint detection and response capabilities to identify and block novel malware.