Iranian Hackers Target Telecoms in Morocco and Middle East, Report Reveals
Hackers affiliated with Iran are said to be linked to a series of targeted attacks on Internet Service Providers (ISPs) and telecommunications operators in Morocco, Tunisia, Saudi Arabia and Israel.
The hacker group, Lyceum, is said to have intruded into the operating systems of several entities in Morocco between July and October 2021, according to a technical report by researchers from counter-espionage centers, without revealing the identity of the victims.
Active since 2017, Lyceum (alias Hexane or Spirlin) targets strategic sectors of the state, as well as ISPs and government agencies, for the purpose of cyber espionage. With malware and advanced TTPs, the group has managed to launch attacks against two companies in Tunisia, informed the Russian cybersecurity company Kaspersky.
To read: Moroccan Central Bank Alerts Financial Sector to Rising Cybersecurity Threats
The group used malware such as Shark and Milan to obtain account credentials of companies and take control of their information systems and post-exploitation.
"Lyceum will likely continue to use the Shark and Milan software, but with some modifications, as the group has likely been able to maintain its presence in victim networks despite the public disclosure of indicators of compromise associated with its operations," the researchers said.
Related Articles
-
Moroccan Official Reassigned After Assault; Attacker Sentenced to Prison
19 April 2025
-
Ryanair’s Abrupt Cancellation of Malaga-Nador Route Sparks Outrage Among Moroccan Expats
19 April 2025
-
Moroccan Court Orders Repayment as Swiss Entrepreneur’s Textile Firm Faces Bankruptcy
19 April 2025
-
Moroccan Officials Under Investigation for Undeclared Foreign Assets and Bitcoin Trafficking
19 April 2025
-
Moroccan Real Estate Developers Accused of Tax Evasion Scheme in Jorf El Melha
19 April 2025