Nimbus Manticore: MiniFast and MiniJunk V2 Spread via Phishing and SEO Poisoning

Colleagues, note: Iranian group Nimbus Manticore is active, deploying MiniFast and MiniJunk V2 backdoors.
- Sources: Check Point and Palo Alto Unit 42 — attacks targeting aviation, software, telecoms and energy.
- Tactics: targeted phishing (fake job offers, fraudulent invites), AppDomain hijacking, trojanized installers, and SEO poisoning.
- MiniFast: full-featured backdoor for command execution, exfiltration and updates; code shows signs of AI-assisted development.
Why it matters: the blend of sophisticated social engineering and novel delivery vectors increases the risk of prolonged presence and data leakage.
How are you preparing for such attack chains?
#Cybersecurity #APT #Phishing #InformationSecurity


Latest comments
No comments yet.