Google Confirms an Iranian Group Is Trying to Access Emails Linked to Both US Presidential Campaigns

August 15, 2024 at 06:39AM Google’s threat intelligence has uncovered an Iranian-linked group’s attempt to infiltrate the personal email accounts of individuals connected to President Biden and former President Trump. The group targeted Biden, Trump, and Vice President Harris, and its activities align with a broader pattern of attempts to disrupt the U.S. election. This … Read more

Iran’s MuddyWater phishes Israeli orgs with custom BugSleep backdoor

July 16, 2024 at 08:09PM MuddyWater, an Iranian government-linked cyber espionage group, has enhanced its malware with a custom backdoor, targeting Israeli organizations. Utilizing phishing lures, the group sends emails with malicious links, infecting victim devices with BugSleep malware. The evolving tactics and wider targeting pose challenges for detection and increase the group’s potential impact. … Read more

New BugSleep malware implant deployed in MuddyWater attacks

July 15, 2024 at 02:32PM The MuddyWatter hacking group has developed a new custom-tailored malware implant called BugSleep. It is distributed through phishing emails disguised as invitations to webinars or online courses. The malware is injected into various apps and is actively being developed, indicating a trial-and-error approach. MuddyWatter has shifted to using BugSleep instead … Read more

MuddyWater hackers deploy new BugSleep backdoor malware in attacks

July 15, 2024 at 02:24PM The Iranian-backed MuddyWatter hacking group has developed a new custom malware called BugSleep. Analysts at Check Point Research discovered the malware being distributed via well-crafted phishing lures. This new backdoor, actively developed and partially distributed, signals a shift from the group’s previous tactics. MuddyWatter’s cyber-espionage campaigns target various global industries. … Read more

New BiBi Wiper version also destroys the disk partition table

May 20, 2024 at 12:10PM The BiBi Wiper malware’s new variants are targeting Israeli and Albanian systems, linked to an Iranian hacking group named ‘Void Manticore.’ Check Point Research uncovered newer variants and operational overlaps involving another Iranian threat group. The malware is designed to complicate data restoration efforts, significantly extending downtime for targeted victims … Read more

Iran Dupes US Military Contractors, Gov’t Agencies in Years-Long Cyber Campaign

April 24, 2024 at 10:48AM An elite team of Iranian hackers infiltrated US companies and government agencies’ employee accounts in a multiyear cyber espionage campaign, aiming to steal military secrets. Entities including the US Departments of Treasury and State, defense contractors, and a hospitality company were compromised. Four Iranian nationals have been indicted, but their … Read more

$10 Million Bounty on Iranian Hackers for Cyber Attacks on US Gov, Defense Contractors

April 23, 2024 at 04:00PM Four Iranian nationals were indicted in Manhattan federal court for conducting a cyber-espionage campaign targeting U.S. government departments, defense contractors, and private firms, using sophisticated hacking techniques to access and compromise critical systems. The group, still at large, is accused of targeting over a dozen private US companies, primarily cleared … Read more

Israeli Universities Hit by Supply Chain Cyberattack Campaign

March 13, 2024 at 03:05AM Iranian hacktivists executed a supply chain attack on Israeli universities by breaching a local technology provider, Rashim Software, and accessing universities’ systems. Op Innovate confirmed the exposure of student data and identified weak access controls and email-based authentication as contributing to the breach. The incident highlights the risk of supply … Read more

U.S. charges Iranian for hacks on defense orgs, offers $10M for info

March 1, 2024 at 09:47AM The U.S. Department of Justice indicted Alireza Shafie Nasab, an Iranian national, for cyber-espionage targeting U.S. government and defense entities. Operating from 2016 to April 2021, Nasab and co-conspirators employed phishing and hacking techniques to compromise over 200,000 devices, resulting in charges carrying 5 to 20 years in prison. The … Read more

Iranian Hackers Target Aviation and Defense Sectors in Middle East

February 29, 2024 at 09:27AM Iranian hackers have been utilizing Microsoft Azure cloud infrastructure in attacks on aerospace, aviation, and defense organizations in the Middle East, particularly in Israel and the UAE. The hacking group, UNC1549, has deployed two backdoors named MiniBike and MiniBus. These activities are linked to Iran’s Islamic Revolutionary Guard Corps. Mandiant … Read more