FBI warns of Handala hackers using Telegram in malware attacks
Summary
The FBI has issued a warning about Iranian hackers, reportedly linked to the MOIS, who are using Telegram to distribute malware. Delivering malicious payloads over the messaging platform poses a risk to targeted organizations.
IFF Assessment
FOE
This is bad news for defenders: it highlights a new tactic in which a state-sponsored threat actor leverages a popular communication platform for malicious purposes.
Defender Context
Defenders should be aware of this emerging tactic, which involves threat actors using Telegram for malware distribution. Network security teams should consider implementing stricter controls on Telegram usage and monitoring for suspicious file transfers originating from or destined for the platform.