Chinese APT group linked with attacks on Iranian government networks

Chinese APT group Vixen Panda identified in cyber attacks on Iranian government networks, deploying new variants of the Turian backdoor between July and December 2022.

Vixen Panda, a Chinese advanced persistent threat (APT) group, has been linked to a wave of attacks against the Iranian government between July and December 2022. An analysis conducted by cybersecurity researchers at the Palo Alto Networks’ Unit 42 indicates that Iranian government networks have likely been compromised by two new variants of a backdoor called Turian.