In a new report, FireEye says the operation by the group it dubs APT34 is "largely focused on reconnaissance efforts to benefit Iranian nation-state interests and has been operational since at least 2014."
The mostly Middle Eastern targets include government agencies and private industries, including financial, energy, chemical, and telecommunications sectors, the company says.
FireEye bases its assessment that APT34 works on behalf of the Iranian government on clues that include references to Iran, the use of Iranian infrastructure, and targeting that aligns with Iran's interests.
The hackers sometimes breached networks through spearphishing, a technique designed to get users to open a file in email that secretly installs malware on their computer.
Go to link