Iranian Hacking: MiniFast and MiniJunk V2 Lurking
Iran-sponsored threat actors are employing new phishing and SEO poisoning tools and tactics to target key organizations.

Iranian Hacking: MiniFast and MiniJunk V2 Lurking
A group of Iranian hackers, identified as Nimbus Manticore (also known as Screening Serpens and UNC1549), has launched a new cyberattack campaign. This offensive, detected following the joint military operation between the US and Israel against Iran in late February 2026, utilizes sophisticated tactics to infiltrate corporate systems.
New Tools and Attack Tactics
The malicious activity focuses on the deployment of two new tools: MiniFast and MiniJunk V2. These tools are distributed through social engineering methods, primarily via phishing emails and search engine result poisoning (SEO poisoning). The goal is to trick users into clicking malicious links or downloading infected files.
The Threat's Focus
The cybercriminals are directing their attacks at organizations in critical sectors such as aviation and software. The target regions for this campaign include the United States, Europe, and the Middle East. The choice of these industries and locations suggests a strategic interest in obtaining sensitive information or disrupting operations.
Motivations and Potential Consequences
While the exact motivations of Nimbus Manticore are not fully clear, this type of state-sponsored activity often aims for data exfiltration, espionage, or preparation for more destructive attacks. The implementation of new malware variants like MiniFast and MiniJunk V2 indicates a constant evolution in their capabilities and an effort to evade existing cybersecurity defenses. The potential integration of ransomware in future phases of these attacks cannot be ruled out, which would significantly increase the impact for affected organizations.
The continuous emergence of new threats underscores the importance of maintaining a robust security posture. For companies and governments, this implies not only implementing technical measures but also providing continuous training for personnel against growing cybersecurity threats. It is crucial to stay informed about the latest developments in the security landscape, as discussed in articles on Cybersecurity: Multiple Vulnerabilities and New Threats.
Conclusion: Constant Vigilance
The Nimbus Manticore campaign is a reminder of the dynamic nature of the threat landscape. The sophistication of the tactics employed, combined with the use of new malware tools, demands constant vigilance and proactive adaptation of cybersecurity strategies. Prevention through awareness and rapid detection of vulnerabilities are essential steps to mitigate the risk of a successful hack.
Related articles
11 de julio de 2026
Condemna històrica: membre de la banda Ryuk ransomware admet la seva culpabilitat
Un ciutadà armeni es declara culpable als EUA pel desplegament de ransomware Ryuk, afrontant una possible sentència de 15 anys de presó.
11 de julio de 2026
Historic Conviction: Ryuk Ransomware Gang Member Admits Guilt
An Armenian national pleads guilty in the U.S. for deploying Ryuk ransomware and faces a potential 15-year prison sentence.
11 de julio de 2026
Condena histórica: miembro de la banda Ryuk ransomware admite su culpa
Un ciudadano armenio se declara culpable en EE. UU. por el despliegue de ransomware Ryuk, enfrentando una posible sentencia de 15 años de prisión.
10 de julio de 2026
Hackers exploten Microsoft Entra: Nova vulnerabilitat en passkeys
Un grup d'actors maliciosos utilitza enginyeria social per comprometre comptes de Microsoft 365 mitjançant falsos registres de passkeys a Entra.
Loading comments...