Dust Specter APT Targets Government Officials in Iraq
IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware including SPLITDROP, TWINTASK, TWINTALK, and GHOSTFORM. Due …
The following sections cover Attack Chain 1 and Attack Chain 2, which ThreatLabz observed in-the-wild during this campaign. Attack Chain 1 uses a split architecture with two components, a worker modu… [+12748 chars]