{"id":34018,"date":"2020-03-25T14:07:39","date_gmt":"2020-03-25T14:07:39","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31060\/Never-Before-Seen-Attackers-Are-Targeting-Mideast-Industrial-Organizations.html"},"modified":"2020-03-25T14:07:39","modified_gmt":"2020-03-25T14:07:39","slug":"never-before-seen-attackers-are-targeting-mideast-industrial-organizations","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/","title":{"rendered":"Never-Before-Seen Attackers Are Targeting Mideast Industrial Organizations"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2012\/08\/oil-eqipment.png\" alt=\"Never-before-seen attackers are targeting Mideast industrial organizations\"><\/p>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\">\n<h4 class=\"comment-count-before\"><a title=\"12 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2020\/03\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/?comments=1\">reader comments<\/a><\/h4>\n<p><a title=\"12 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2020\/03\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/?comments=1\"><span class=\"comment-count-number\">13<\/span> <span class=\"visually-hidden\">with 12 posters participating<\/span><\/a><\/p>\n<div class=\"share-links\">\n<h4>Share this story<\/h4>\n<\/div>\n<\/aside>\n<p>Researchers have unearthed an attack campaign that uses previously unseen malware to target Middle Eastern organizations, some of which are in the industrial sector.<\/p>\n<p>Researchers with Kaspersky Lab, the security firm that discovered the campaign, have dubbed it WildPressure. It uses a family of malware that has no similarities to any malicious code seen in previous attacks. It&#8217;s also targeting organizations that don&#8217;t overlap with other known campaigns.<\/p>\n<p>Milum, as the malware is dubbed, is written in C++ and contains clues that suggest developers may be working on versions written in other programming languages. While Milum uses configuration data and communication mechanisms that are common among malware developers, the researchers believe that both the malware and the targets are unique.<\/p>\n<h2>Attention getting<\/h2>\n<p>&#8220;A campaign that is, apparently, exclusively targeting entities in the Middle East (at least some of them are industrial-related) is something that automatically attracts the attention of any analyst,&#8221; Kaspersky researcher Denis Legezo wrote in a <a href=\"https:\/\/securelist.com\/wildpressure-targets-industrial-in-the-middle-east\/96360\/\">post published on Tuesday<\/a>. &#8220;Any similarities should be considered weak in terms of attribution and may simply be techniques copied from previous well-known cases. Indeed, this &#8216;learning from more experienced attackers&#8217; cycle has been adopted by some interesting new actors in recent years.&#8221;<\/p>\n<p>Milum samples show a compilation date of March 2019, a time frame that&#8217;s consistent with the first known infection on May 31, 2019. Kaspersky first spotted Milum last August.<\/p>\n<p>The malware uses the RC4 encryption cipher with a different 64-bit key for each target. It also uses the JSON format for configuration data and to communicate with control servers through HTTP POSTs. Fields inside the JSON data correspond to the C++ language and the .exe file extension. That clue led researchers to hypothesize that malware versions based on other languages are in the works or possibly already exist. To date, the researchers have collected three almost identical samples, all from the same undisclosed country.<\/p>\n<p>The malicious application exists as an invisible toolbar window. The malware implements functions in a separate threat. Researchers were unable to access commands from control servers, but by analyzing command handlers in the malware, the researchers were able to piece together the following:<\/p>\n<table width=\"625\">\n<tbody>\n<tr>\n<td width=\"53\"><strong>Code<\/strong><\/td>\n<td width=\"142\"><strong>Meaning<\/strong><\/td>\n<td width=\"430\"><strong>Features<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"53\">1<\/td>\n<td width=\"142\">Execution<\/td>\n<td width=\"430\">Silently execute received interpreter command and return result through pipe<\/td>\n<\/tr>\n<tr>\n<td width=\"53\">2<\/td>\n<td width=\"142\">Server to client<\/td>\n<td width=\"430\">Decode received content in \u201cdata\u201d JSON field and drop to file mentioned in \u201cpath\u201d field<\/td>\n<\/tr>\n<tr>\n<td width=\"53\">3<\/td>\n<td width=\"142\">Client to server<\/td>\n<td width=\"430\">Encode file mentioned in received command \u201cpath\u201d field to send it<\/td>\n<\/tr>\n<tr>\n<td width=\"53\">4<\/td>\n<td width=\"142\">File info<\/td>\n<td width=\"430\">Get file attributes: hidden, read only, archive, system or executable<\/td>\n<\/tr>\n<tr>\n<td width=\"53\">5<\/td>\n<td width=\"142\">Cleanup<\/td>\n<td width=\"430\">Generate and run batch script to delete itself<\/td>\n<\/tr>\n<tr>\n<td width=\"53\">6<\/td>\n<td width=\"142\">Command result<\/td>\n<td width=\"430\">Get command execution status<\/td>\n<\/tr>\n<tr>\n<td width=\"53\">7<\/td>\n<td width=\"142\">System information<\/td>\n<td width=\"430\">Validate target with Windows version, architecture (32- or 64-bit), host and user name, installed security products (with WQL request \u201cSelect From AntiVirusProduct WHERE displayName &#8220;Windows Defender&#8221;)<\/td>\n<\/tr>\n<tr>\n<td width=\"53\">8<\/td>\n<td width=\"142\">Directory list<\/td>\n<td width=\"430\">Get info about files in directory: hidden, read only, archive, system or executable<\/td>\n<\/tr>\n<tr>\n<td width=\"53\">9<\/td>\n<td width=\"142\">Update<\/td>\n<td width=\"430\">Get the new version and remove the old one<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>When researchers took control of one of the campaign&#8217;s control servers, they observed mostly computers located in the Middle East connecting. (The researchers believe that the IP addresses not located in the Middle East belonged to network scanners, Tor Exit nodes, and VPN connections.) Some of those Middle Eastern IP addresses belonged to organizations occupying the industrial sectors. Milum gets its name from a string found in one of the executable file names, as well as C++ class names inside the malware.<\/p>\n<p><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/03\/milum-targets.png\" class=\"enlarge\" data-height=\"346\" data-width=\"774\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/03\/milum-targets-640x286.png\" width=\"640\" height=\"286\" srcset=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/03\/milum-targets.png 2x\"><\/a> <\/p>\n<div class=\"caption-credit\">Kaspersky Lab<\/div>\n<p>The above screenshot of a Kaspersky computer connecting to the sinkholed control server showed only devices based in Iran connecting. Tuesday&#8217;s post didn&#8217;t identify the countries of other infected organizations.<\/p>\n<p>Over the past decade, the Middle East has emerged as a hotspot for hacking operations, with (to name only four) an attack <a href=\"https:\/\/arstechnica.com\/information-technology\/2017\/12\/game-changing-attack-on-critical-infrastructure-site-causes-outage\/\">targeting safety controls in critical infrastructure facilities<\/a>, a reportedly US operation that <a href=\"https:\/\/arstechnica.com\/tech-policy\/2019\/08\/us-hack-attack-hobbles-irans-ability-to-target-oil-tankers-nyt-says\/\">hobbled Iran&#8217;s ability to target oil tankers<\/a>, a <a href=\"https:\/\/arstechnica.com\/security\/2012\/08\/shamoon-malware-attack\/\">destructive disk-wiping campaign<\/a> against a Saudi Arabian gas company, and the <a href=\"https:\/\/arstechnica.com\/tag\/stuxnet\/\">Stuxnet<\/a> and Flame malware that targeted Iran. The discovery of WildPressure and Milum suggest attacks in the region aren&#8217;t likely to die down any time soon.<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/31060\/Never-Before-Seen-Attackers-Are-Targeting-Mideast-Industrial-Organizations.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":34019,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[8529],"class_list":["post-34018","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinehackermalwarecyberwarscada"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Never-Before-Seen Attackers Are Targeting Mideast Industrial Organizations 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Never-Before-Seen Attackers Are Targeting Mideast Industrial Organizations 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-03-25T14:07:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations.png\" \/>\n\t<meta property=\"og:image:width\" content=\"440\" \/>\n\t<meta property=\"og:image:height\" content=\"293\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Never-Before-Seen Attackers Are Targeting Mideast Industrial Organizations\",\"datePublished\":\"2020-03-25T14:07:39+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\\\/\"},\"wordCount\":700,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/03\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations.png\",\"keywords\":[\"headline,hacker,malware,cyberwar,scada\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\\\/\",\"name\":\"Never-Before-Seen Attackers Are Targeting Mideast Industrial Organizations 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/03\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations.png\",\"datePublished\":\"2020-03-25T14:07:39+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/03\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/03\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations.png\",\"width\":440,\"height\":293},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,malware,cyberwar,scada\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackermalwarecyberwarscada\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Never-Before-Seen Attackers Are Targeting Mideast Industrial Organizations\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Never-Before-Seen Attackers Are Targeting Mideast Industrial Organizations 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/","og_locale":"en_US","og_type":"article","og_title":"Never-Before-Seen Attackers Are Targeting Mideast Industrial Organizations 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-03-25T14:07:39+00:00","og_image":[{"width":440,"height":293,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Never-Before-Seen Attackers Are Targeting Mideast Industrial Organizations","datePublished":"2020-03-25T14:07:39+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/"},"wordCount":700,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations.png","keywords":["headline,hacker,malware,cyberwar,scada"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/","url":"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/","name":"Never-Before-Seen Attackers Are Targeting Mideast Industrial Organizations 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations.png","datePublished":"2020-03-25T14:07:39+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations.png","width":440,"height":293},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/never-before-seen-attackers-are-targeting-mideast-industrial-organizations\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,malware,cyberwar,scada","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermalwarecyberwarscada\/"},{"@type":"ListItem","position":3,"name":"Never-Before-Seen Attackers Are Targeting Mideast Industrial Organizations"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34018","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=34018"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34018\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/34019"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=34018"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=34018"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=34018"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}