216.73.217.22

Middle East Conflict Fuels Opportunistic Cyber Attacks

· Published 06/03/2026 19:39 · Modified 09/03/2026 10:31

Export JSON

Essential information

Published
06/03/2026 19:39
Modified
09/03/2026 10:31
Tags
2026-03-06 backdoor dll sideloading donation scam lotuslite meme-coin middle east phishing shellcode stealc
Related entities
12 observables, 1 intrusion sets (apt), 8 techniques (mitre), 2 malware, 20 others

Description

The ongoing conflict in the has triggered a surge in cybercriminal activity. Over 8,000 newly registered domains with conflict-related keywords have been identified, many of which may be weaponized in future campaigns. Multiple cases of malicious activity have been observed, including targeted attacks using conflict-themed lures, deployment of the , fake news blogs leading to malware, sites impersonating government portals, donation scams, fraudulent storefronts, and pump-and-dump schemes. Threat actors are leveraging various techniques such as , execution, and social engineering to compromise victims. The campaigns demonstrate the opportunistic nature of cybercriminals in exploiting geopolitical events for malicious purposes.

Related entities

Vulnerabilities, IOCs, intrusion sets, MITRE techniques and other entities referenced in this report.

Observables (12)

  • 80.97.160.190
  • 172.81.60.97
  • http://www.e-kflower.com/_prozn/_skin_mbl/home/KApp.rar
  • http://www.e-kflower.com/_prozn/_skin_mbl/home/KAppl.rar
  • www.e-kflower.com
  • www.360printsol.com
  • https://www.360printsol.com/2026/alfadhalah/thumbnail?img=index.png.
  • 819f586ca65395bdd191a21e9b4f3281159f9826e4de0e908277518dba809e5b
  • 24b11b4b999b385bede48ad9f0570e2e5da4a2054b96738b1e4d4946ece94bc1
  • db40546435a7c42b32493301e333c8c0010e652fecd02463614a386f916055ec
  • 8564763407064117726211ff8f89555e5a3b2b70bc9667032abd69cbe53b5216
  • 4fb9b5d115bceee45a89447fb2565faef07452cda6b8e244e53ad91499c3d9b5

Intrusion sets (APT) (1)

  • MUSTANG PANDA BRONZE PRESIDENTSTATELY TAURUS
    The MITRE Corporation Confidence 100

    [Mustang Panda](https://attack.mitre.org/groups/G0129) is a China-based cyber espionage threat actor that has been conducting operations since at least 2012. [Mustang Panda](https://attack.mitre.org/groups/G0129) has been known to use tailored phishing lures …

    First seen 01/01/1970 · Last seen 16/11/5138 Published 16/12/2025 19:39 · Modified 22/05/2026 04:12

Techniques (MITRE) (8)

  • T1036
    Masquerading
  • T1055
    Process Injection
  • T1059.003
    Windows Command Shell
  • T1027
    Obfuscated Files or Information
  • T1547.001
    Registry Run Keys / Startup Folder
  • T1102
    Web Service
  • T1071
    Application Layer Protocol
  • T1140
    Deobfuscate/Decode Files or Information

Malware (2)

  • StealC
    Family
    Published 27/03/2026 08:46 · Modified 27/03/2026 08:46
  • LOTUSLITE
    Family
    Published 22/04/2026 01:40 · Modified 22/04/2026 01:40

Others (20)

  • Israel
  • Iran, Islamic Republic of
  • Bahrain
  • Iraq
  • Finance
  • Defense
  • Government
  • arch.megadatahost1.lol
  • irandonation.org
  • flourishingscreencousin.com
  • nowarwithiran.store
  • cfgomma.com
  • media.megadatahost1.lol
  • media.hyperfilevault2.mom
  • e-kflower.com
  • media.maxdatahost1.cyou
  • arch2.megadatahost1.lol
  • khameneisol.xyz
  • media.megafilehost2.sbs
  • arch2.maxdatahost1.cyou

External references