A suspected, state-sponsored Iranian threat group has attacked an airline with a never-before-seen backdoor.
On Wednesday, cybersecurity researchers from IBM Security X-Force said an Asian airline was the subject of the attack, which likely began in October 2019 until 2021.
The advanced persistent threat (APT) group ITG17, also known as MuddyWater, leveraged a free workspace channel on Slack to harbor malicious content and to obfuscate communications made between malicious command-and-control (C2) servers.