Microsoft said Iranian state hackers are using a newly developed backdoor to target organizations in the American defense industrial base.
The Iranian state threat actor that Microsoft tracks as Peach Sandstorm employed a custom backdoor named FalseFont, which features several capabilities that empower backdoor operators to remotely connect to a compromised system, initiate the execution of supplementary files, and transmit data to attacker-controlled servers.