APT34 Deploys Phishing Attack With New Malware

The APT34 advanced persistent threat group has developed a new malware, named Menorah, designed for targeted spear phishing attacks and cyber espionage. The malware can identify machines, read and upload files, and download other files or malware. The group seems to have targeted an organisation in Saudi Arabia, using a malicious document named ‘MyCv.doc’, disguised as a Seychelles Licensing Authority registration form containing pricing info in Saudi Riyal. The APT34 group primarily targets organisations within the Middle East.