
Iran-Linked Hackers Target Europe With New Malware

Iranian hackers expand their reach, targeting European infrastructure with advanced malware, posing a significant threat to cybersecurity.
Content Team

Iranian cyber-espionage group "Nimbus Manticore" has expanded beyond the Middle East to target critical infrastructure in Denmark, Portugal, and Sweden. The IRGC-linked hackers are hitting defense manufacturing, telecommunications, and aviation companies using two new malware variants: "MiniJunk" and "MiniBrowse."

Their attacks start with fake HR recruitment emails appearing to come from companies like Airbus and Boeing. Victims are directed to phony job sites that download malicious archives disguised as hiring materials.

MiniJunk is a significantly upgraded backdoor that uses advanced obfuscation techniques, code signing, and multiple command servers to avoid detection. The malware can steal files, execute processes, and maintain persistent access to compromised systems.

Check Point researchers say the group's sophisticated tactics represent "a significant increase in the actor's abilities," making detection much harder for defenders.

Source: Dark Reading
