Hackers believed to be working on behalf of the Iranian government have targeted Iraqi government institutions and other entities in the country, as part of a new espionage campaign, according to an analysis by a cybersecurity firm.
Check Point published an analysis on its official website in which it said that the “APT34” group, also known as “Oilrig,” has over the past few months used a new set of malware called “Veaty” and “Spearal” against targets in Iraq.
It is known that this group is affiliated with the Iranian Ministry of Intelligence, according to the analysis.
The hackers were able to carry out their attacks by using channels that penetrate the victims’ emails within the targeted organizations. The analysis indicates that the hackers lured their victims into opening malicious files sent to them as document attachments.
Check Point researchers noted that “this campaign against the Iraqi government’s infrastructure highlights the ongoing and focused efforts made by Iranian threat actors operating in the region.”
Researcher Sergey Shekevich told Recorded Future News that the newly discovered malware is “particularly complex and difficult to detect, and reveals a worrying pattern of persistent state-linked cyber threats.”
Previous reports indicated that the group primarily targets organizations in the Middle East, especially in Saudi Arabia, the Emirates, Iraq, Jordan, Lebanon, Kuwait, and Qatar, as well as in Albania, the United States, and Turkey.
Recently, reports indicated that the Iranian group carried out attacks inside Israel coinciding with the escalation of the conflict in Gaza.
Last October, cybersecurity researchers discovered that hackers affiliated with the group spent eight months inside the systems of an unidentified Middle Eastern government, stealing files and emails.