Iranian State-Sponsored OilRig Group Deploys Three New Malware Downloaders

The downloaders named ODAgent, OilCheck, and OilBooster, along with an updated version of SampleCheck5000, were used to blend with authentic network traffic and cover up the group’s attack infrastructure.