Intel Name: Iranian hackers allegedly used indian firm’s compromised email to target uae aviation sector
Date of Scan: March 13, 2025
Impact: Medium
Summary: Iranian hackers are suspected of using a compromised email account from the Indian company INDIC Electronics to launch a targeted phishing campaign against UAE’s aviation and satellite communications sectors. The attack involved obfuscated malicious files and scripts, ultimately delivering a DLL backdoor, Sosano. This sophisticated campaign, likely linked to Iranian-aligned actors, aimed at critical infrastructure and demonstrated advanced evasion techniques.However, Researchers assess with moderate confidence that the campaign may be linked to an Iranian-aligned actor, possibly affiliated with the Islamic Revolutionary Guard Corps (IRGC).
