Lucene search
K

5 matches found

The Hacker News
The Hacker News
added 2025/12/11 11:0 a.m.16 views

WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor

An advanced persistent threat APT known as WIRTE has been attributed to attacks targeting government and diplomatic entities across the Middle East with a previously undocumented malware suite dubbed AshTag since 2020. Palo Alto Networks Unit 42 is tracking the activity cluster under the name Ash...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/13 4:9 p.m.4 views

Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel

A threat actor affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks that exclusively target Israeli entities. The activity, linked to a group called WIRTE , has also targeted the Palestinian Authority, Jordan, Iraq, Saudi Arabia, and...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2021/12/01 5:11 p.m.16 views

Stealthy ‘WIRTE’ Gang Targets Middle Eastern Governments

A threat actor tracked as WIRTE has been assaulting Middle East governments since at least 2019 using “living-off-the-land” techniques and malicious Excel 4.0 macros. On Monday, Kaspersky reported that it observed the group in February using Microsoft Excel droppers, which planted hidden...

7.7AI score
Exploits0References17
The Hacker News
The Hacker News
added 2021/11/30 8:31 a.m.15 views

WIRTE Hacker Group Targets Government, Law, Financial Entities in Middle East

Government, diplomatic entities, military organizations, law firms, and financial institutions primarily located in the Middle East have been targeted as part of a stealthy malware campaign as early as 2019 by making use of malicious Microsoft Excel and Word documents. Russian cybersecurity compa...

1.3AI score
Exploits0
Securelist
Securelist
added 2021/11/29 8:0 a.m.39 views

WIRTE’s campaign in the Middle East ‘living off the land’ since at least 2019

Overview This February, during our hunting efforts for threat actors using VBS/VBA implants, we came across MS Excel droppers that use hidden spreadsheets and VBA macros to drop their first stage implant. The implant itself is a VBS script with functionality to collect system information and...

7.4AI score
Exploits0
Rows per page
Query Builder