Date of report
- May 2022
Affiliations
Iranian threat actor APT 34 targeted Jordanian officials with the novel backdoor Saitama, which abuses the domain name system (DNS) protocol for command and control communications. Masquerading as the Government of Jordan, APT 34 sent an email via Microsoft Outlook with a malicious Excel document that contained the Saitama backdoor to other officials in the Jordanian government.
Suspected victims
- Government officials at Jordan’s foreign ministry
Suspected state sponsor
- Iran (Islamic Republic of)
Type of incident
- Espionage
Target category
- Government
Victim government reaction
- Unknown