VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

Nimbus Manticore: MiniFast and MiniJunk V2 Spread via Phishing and SEO Poisoning

Nimbus Manticore: MiniFast и MiniJunk V2 распространяют через фишинг и SEO-отравление

Colleagues, note: Iranian group Nimbus Manticore is active, deploying MiniFast and MiniJunk V2 backdoors.

- Sources: Check Point and Palo Alto Unit 42 — attacks targeting aviation, software, telecoms and energy.
- Tactics: targeted phishing (fake job offers, fraudulent invites), AppDomain hijacking, trojanized installers, and SEO poisoning.
- MiniFast: full-featured backdoor for command execution, exfiltration and updates; code shows signs of AI-assisted development.

Why it matters: the blend of sophisticated social engineering and novel delivery vectors increases the risk of prolonged presence and data leakage.

How are you preparing for such attack chains?

#Cybersecurity #APT #Phishing #InformationSecurity

Latest comments

No comments yet.