Скачать или смотреть INFy APT is BACK: Inside Iran’s New, Untraceable C2 Malware (Foudre/Tonnerre V34)

The Iranian-linked Advanced Persistent Threat (APT) group known as INFy or "Prince of Persia" has resurfaced after a nearly five-year operational silence with highly sophisticated, updated malware strains: Foudre (v34) and Tonnerre (v12-18, 50).

In this Technical Autopsy, we break down the most critical updates to their tradecraft. This includes a new distribution method (from macro-laced files to embedded executables), the use of a resilient Domain Generation Algorithm (DGA) for C2 infrastructure, and a never-before-seen technique using RSA digital signatures to validate C2 authenticity. We also reveal the threat actor's unconventional choice of Telegram for issuing commands and collecting data. Watch to understand the kill chain, identify the indicators of compromise, and learn the essential defense strategies.

Disclaimer: This video was created with the assistance of AI for research and educational purposes. All cybersecurity incidents and information discussed are based on legitimate and verifiable public sources. Viewers are encouraged to conduct their own research to stay informed and critically evaluate the details presented.

#INFyAPT

#CyberEspionage

#IranHacking

#TechnicalAutopsy