An elite team of Iranian state-sponsored hackers successfully infiltrated hundreds of thousands of employee accounts at US companies and government agencies, according to the Feds, as part of a multiyear cyber espionage campaign aimed at stealing military secrets. The US Departments of Treasury and State are among those compromised in the elaborate campaign, which lasted […]
The Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned four Iranian nationals for their involvement in cyberattacks against the U.S. government, defense contractors, and private companies.
During the “Swords of Iron War” against Hamas terrorists, Iranian threat actors increased the intensity of their “hack and leak” fake hacktivist operations against Israeli companies in the private sector. This blog post highlights some of the recent attacks conducted and provides an analysis of “DarkBeatC2,” the latest C2 framework in MuddyWater’s arsenal. Executive Summary […]
The Iranian threat actor known as MuddyWater has been attributed to a new command-and-control (C2) infrastructure called DarkBeatC2, becoming the latest such tool in its arsenal after SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go. “While occasionally switching to a new remote administration tool or changing their C2 framework, MuddyWater’s methods remain constant,” Deep Instinct security researcher Simon […]
An Iranian state-backed hacking group recently infiltrated a company that makes academic administration software and used that access to intimidate other Israeli organizations, analysts said on Thursday. The overall goal of the operation appeared to be hacktivism and not necessarily financial gain, according to OP Innovate, the Israeli company that investigated the incident. In November, […]
U.S. authorities charged an Iranian national for long-running hacking campaign Pierluigi Paganini March 02, 2024 The U.S. DoJ charged Iranian national Alireza Shafie Nasab for his role in attacks targeting U.S. government and defense entities. The U.S. Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. defense […]
Iranian nation-state threat actors are targeting entities based in the U.S. and Israel, according to research that Google published Tuesday. According to a report about cyberwarfare surrounding the ongoing Israel-Hamas war that began in October, “Iran aggressively targeted Israel and the United States in the years leading up to Hamas’ attack on October 7” and […]
Iranian crypto exchange Bit24.cash leaks user passports and IDs Pierluigi Paganini January 07, 2024 Bit24.cash has inadvertently exposed sensitive data belonging to nearly 230,000 users, as revealed by Cybernews research. Due to its limited access to foreign financial markets, Iran has embraced cryptocurrency significantly. Last year, Iranian crypto exchanges facilitated transactions totaling nearly $3 billion. […]
In its latest campaign, Iranian state-backed hackers, Peach Sandstorm, employs FalseFont backdoor for intelligence gathering on behalf of the Iranian government. Cybersecurity researchers at Microsoft Threat Intelligence Unit have uncovered the latest activities of the Iranian nation-state actor Peach Sandstorm, also known as HOLMIUM. The group has been making efforts to deploy a newly developed […]