New Attack Group Targets Saudi IT Providers

New Attack Group Targets Saudi IT Providers

A previously undocumented threat group has been mounting what appear to be supply-chain attacks against IT providers in the Middle East.





Since July 2018, Tortoiseshell Group has targeted at least 11 organizations, using a deadly mix of custom-made and off-the-shelf malware. The majority of the companies to come under virtual fire are based in Saudi Arabia.





Tortoiseshell's nefarious activities were spotted by researchers at Symantec, who have recorded activity stemming from the group as recently as July 2019. 

..