Iran-linked APT TA453 targets Windows and macOS systems
Security Affairs
JULY 8, 2023
” reads the analysis published by Proofpoint. That system identifier is then encrypted with the NokNok function and base64 encoded before being used as the payload of an HTTP POST to library-store.camdvr[.]org.” ” continues the analysis. The backdoor maintains persistence by using LaunchAgents.
Let's personalize your content