Iranian threat group APT33 targets US defense contractors with novel malware

The Iranian nation-state threat group APT33, also known as Peach Sandstorm or Refined Kitten, is using previously unknown malware, FalseFont, to target U.S. defense industrial base workers. The malware allows remote access to systems, the launch of additional files, and exfiltration of information to command-and-control servers. Microsoft’s Threat Intelligence team identified this malware as part of APT33’s activity over the past year. APT33 is also known to target aviation and energy sectors internationally.