The Iran-based threat group, Charming Kitten, has attacked seven Israeli government and business sectors during a 24-hour period.

What has happened?

Check Point researchers observed communications between a server used by the Charming Kitten group and targets in Israel. 
  • The group is actively taking advantage of a recently disclosed vulnerability in Log4j to carry out attacks.
  • The exploited vulnerability, known as Log4Shell, allows attackers to take control of everything from industrial control systems to web servers and consumer electronics.
  • The information regarding the targets was not revealed, however, the researchers claimed that no attempts were observed targeting the same entities in other countries.

Cyber warfare between two nations

  • In October, Israel was blamed for a series of cyberattacks on Iranian infrastructure, such as the country's fuel distribution system.
  • In the same month, the Black Shadow group from Iran claimed to have targeted internet service providers in Israel. 
  • Additionally, Israel's largest LGBTQ dating site was targeted and the suspected Iranian attackers demanded a ransom.

Ending thoughts

As the exploitation of Log4j vulnerabilities continues, researchers expect to witness more and more threat attackers joining the bandwagon to abuse the flaw. The Charming Kitten APT is only the latest threat actor to take advantage of the vulnerability to further its malicious operations.

Cyware Publisher