Madi

MISP

Tipo:
Nation-state

Paese:
IR

Prima attivita:
Unknown

Dettagli:

Kaspersky Lab and Seculert worked together to sinkhole the Madi Command & Control (C&C) servers to monitor the campaign. Kaspersky Lab and Seculert identified more than 800 victims located in Iran, Israel and select countries across the globe connecting to the C&Cs over the past eight months. Statistics from the sinkhole revealed that the victims were primarily business people working on Iranian and Israeli critical infrastructure projects, Israeli financial institutions, Middle Eastern engineering students, and various government agencies communicating in the Middle East.
Common applications and websites that were spied on include accounts on Gmail, Hotmail, Yahoo! Mail, ICQ, Skype, Google+, and Facebook. Surveillance is also performed over integrated ERP/CRM systems, business contracts, and financial management systems.

Riferimenti (6)

securelist.com - 33693
securelist.com - 33701
cfr.org - Madi
kaspersky.com - 2012 Kaspersky Lab And Seculert Announce Madi A Newly Discovered Cyber Espionage Campaign In The Middle East
threatpost.com - 76849
web.archive.org - Madi Attacks Series Social Engineering Campaigns

Metadata

ID:	134
Created:	13/01/2026 17:48
Updated:	07/03/2026 16:00