Skip to content Skip to footer

Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia

Published by: Bitdefender

Chafer APT is a threat group with an apparent Iranian link. It is known to be active since 2014, focusing on cyber espionage campaigns. Bitdefender has spotted the group targeting critical infrastructure from the Middle East, presumably for intelligence gathering. Bitdefender researchers have found attacks conducted by this actor in the Middle East region, dating back to 2018. The campaigns were based on several tools, including “living off the land” tools, which makes attribution difficult, as well as different hacking tools and a custom built backdoor. Download this Case Study and read about key findings such as: Campaign targeted air transportation and government. Attacker activity occurred on weekends. In the Kuwait attack, threat actors created their own user account. The Saudi Arabia attack relied on social engineering to compromise victims. The end goal of both attacks was likely data exploration and exfiltration

Read More

By submitting this form you agree to Bitdefender contacting you with marketing-related emails or by telephone. You may unsubscribe at any time. Bitdefender web sites and communications are subject to their Privacy Notice.

By requesting this resource you agree to our terms of use. All data is protected by our Privacy Notice. If you have any further questions please email

Related Categories:

digital route logo
Lang: ENG
Type: Whitepaper Length: 14 pages

More resources from Bitdefender