Targeting of Asian airline
Date of report
  • December 2021
An Iranian threat actor was found using a backdoor against an Asian airline in the summer of 2021. The attackers used Slack as the command and control hub for the backdoor they had inserted, the first observation of the use of the workplace messaging application in such a way by a state-sponsored actor. 
Suspected victims
  • An unidentified Asian airline
Suspected state sponsor
  • Iran (Islamic Republic of)
Type of incident
  • Espionage
Target category
  • Private sector
Victim government reaction
  • Unknown