Iran-linked hackers used Israeli IT providers to target government bodies

Once installed, the tool can infiltrate programs used to access other computers. Malware disguised as legitimate updates sent by the IT provider can be sent to the customer. 

The Jerusalem Post
75
2 دقيقة قراءة
0 مشاهدة
Iran-linked hackers used Israeli IT providers to target government bodies
Jerusalem Post/Middle East
Hacker attack
Hacker attack
(photo credit: SHUTTERSTOCK)
ByJERUSALEM POST STAFF
JULY 7, 2026 08:31
Updated: JULY 7, 2026 10:50

An Iran-linked hacking group has created a new framework to attack Israeli organizations in the government and IT sectors while evading traditional detection and analysis systems, Israeli cybersecurity company Check Point disclosed in a report released on Monday.

In the report, Check Point Research (CPR) stated that it had been monitoring a hacking group called Cavern Manticore, linked to the Iranian Ministry of Intelligence and Security, since early 2026.

This new framework allows hackers to tailor attacks to new environments, limit what defenders and analysts can recover from any single victim, and extend access after the initial attack through specialized modules for expansion and data access, CPR explained.

According to the report, the group first attacked and used trusted IT providers to spread their new tool, which then gained access to files on the infected computers, downloaded additional programs, searched files and internal networks, tested passwords, and moved deeper into the targeted organizations.

Malware exploits IT provider tools

Once installed, the tool can infiltrate programs used to access other computers. Malware disguised as legitimate updates from the IT provider can be delivered to the customer.

The tool appeared to be specifically designed to exploit Remote Monitoring and Management (RMM) solutions, in which control of a device can be transferred to another party.

CPR found multiple instances of an initially compromised provider leading to another before the tool reached its intended target, leading to the belief that Cavern Manticore has a detailed understanding of the IT supplier chains within Israel.

المصدر الأصلي

The Jerusalem Post

شارك هذا المقال

مقالات ذات صلة