Iranian APT ‘Prince of Persia’ Resurfaces With New Tools and Targets

SafeBreach reports the resurgence of the Iranian APT group Prince of Persia (Infy). Discover how these state-sponsored hackers are now using Telegram bots and Thunder and Lightning malware to target victims globally across Europe, India, and Canada.

The elusive Iranian hacking group known as Prince of Persia (also called Infy) is far from retired. Despite appearing to go dark for nearly three years, newly published research from SafeBreach Labs shows the group is not only active but has significantly expanded its reach.

For your information, this group is an Advanced Persistent Threat (APT), a category of state-sponsored hackers that’s linked to the Iranian government and has been quietly targeting diplomats, activists, and critical systems since 2007.

SafeBreach, a breach simulation leader, discovered these hidden activities and shared its investigation with Hackread.com. Their team has tracked the group since 2019, noting they are now “operating at a broader scale ...