SentinelLabs reports that a potential new Iranian hacking group called TunnelVision has been discovered! They are called TunnelVision because of their constant and excessive reliance on tunneling tools to achieve their evil goals. TunnelVision has been caught exploiting the Log4j vulnerability to gain backdoor access to VMware Horizon.
PowerShell code used for Reverse Shells
TunnelVision uses the Log4j exploit to run malicious commands from the Tomcat.exe executable in VMware Horizon, and then uses the tunneling server 142.44.135[.]86 to link up to a lot of C2 servers, such as hxxp://google.onedriver-srv.ml/gadfTs55sghsSSS.
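As an added example (not from the SentinelLabs report or this post), here is a small Python detector for the chain just described: it refangs the indicators quoted above and flags constructed Sysmon-style events where tomcat.exe spawns a shell, a connection goes to the tunneling server IP, or the C2 domain is resolved. The key=value event format and the file paths are assumptions for the sample, not real Horizon telemetry.

```python
# Added example: detector for the TunnelVision chain, run over constructed
# Sysmon-style events (not real telemetry). Indicators are the post's own.
import ntpath
import re

def refang(indicator: str) -> str:
    """Turn the post's defanged indicators back into matchable values."""
    return indicator.replace("[.]", ".").replace("hxxp://", "http://")

TUNNEL_IP = refang("142.44.135[.]86")
C2_URL = refang("hxxp://google.onedriver-srv.ml/gadfTs55sghsSSS")
C2_HOST = re.match(r"https?://([^/]+)", C2_URL).group(1)

# The web-server process the post names as the source of the malicious commands,
# and shells that should never be its children (cmd.exe is an assumed broadening
# beyond the PowerShell reverse shells the post describes).
WEB_PARENTS = {"tomcat.exe"}
SHELL_CHILDREN = {"powershell.exe", "cmd.exe"}

_KV = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_event(line: str) -> dict:
    """Parse one key=value event line; quoted values may contain spaces."""
    return {k: v.strip('"') for k, v in _KV.findall(line)}

def classify(ev: dict) -> list:
    """Return the indicators an event matches (empty list if none)."""
    hits = []
    parent = ntpath.basename(ev.get("parent", "")).lower()
    image = ntpath.basename(ev.get("image", "")).lower()
    if ev.get("type") == "process" and parent in WEB_PARENTS and image in SHELL_CHILDREN:
        hits.append("web_server_spawned_shell")  # Log4j post-exploitation on Horizon
    if ev.get("type") == "network" and ev.get("dest") == TUNNEL_IP:
        hits.append("tunnel_server_ip")
    if ev.get("type") == "dns" and ev.get("query", "").lower() == C2_HOST:
        hits.append("c2_domain")
    return hits

def scan(lines) -> list:
    """Return (line_number, hits) for every event that matches an indicator."""
    return [(n, h) for n, line in enumerate(lines, 1) if (h := classify(parse_event(line)))]

SAMPLE_EVENTS = [  # constructed; paths are illustrative, not the real Horizon layout
    'type=process parent="C:\\horizon\\tomcat.exe" image=C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe cmdline="powershell.exe -EncodedCommand <omitted>"',
    'type=process parent=C:\\Windows\\System32\\services.exe image=C:\\Windows\\System32\\svchost.exe',
    'type=network image=C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe dest=142.44.135.86 dport=443',
    'type=dns image=C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe query=google.onedriver-srv.ml',
    'type=network image=C:\\Windows\\System32\\svchost.exe dest=10.0.0.5 dport=445',
]
```

Running `scan(SAMPLE_EVENTS)` flags events 1, 3 and 4 and leaves the two benign events alone; on real data, feed it process, network and DNS events from the Horizon connection servers.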
SentinelLabs also says that TunnelVision could be Charming Kitten (AKA Nemesis Kitten, AKA APT35) trying out a new evil hacking method, but it is not clear at this time whether that is the case.
When will this regime stop meddling?? 🙄🙄