Local governments allegedly targeted with Iranian ‘Drokbk’ malware through Log4j vulnerability

Several local US government networks have been targeted with the Drokbk malware by the Iranian government-backed group Cobalt Mirage (also known as Nemesis Kitten or UNC2448), through exploitation of the Log4j vulnerability. The group, which has targeted US networks since February, uses the malware to maintain access to victims’ networks. Cobalt Mirage’s choice of targets likely depends on the presence of vulnerabilities, which has led it to hit local governments and the finance and education sectors.