Last Updated on 22/11/2021 by TheDigitalHacker
Over the past few years, Iranian hackers have adopted new tools, techniques, and processes to make their hacking more sophisticated. This has been disclosed recently by the Microsoft Threat Intelligence Center (MSTIC) in one of its reports.
MSTIC is a global community of security experts that examines and discloses information about online security threats. MSTIC has researched for a year to prepare this report. The hacking groups it covers include DEV-0146, DEV-0227, DEV-0198, DEV-0500, Rubidium, and Phosphorus.
According to MSTIC, these groups are not only stealing users' data but are also demanding high ransoms from them in exchange for not disclosing that data publicly. By using new technologies, these Iranian hacking groups have now joined the list of big hacking and ransomware groups.
If MSTIC is to be believed, so far these Iranian hacking groups have carried out many cyber-espionage, phishing, supply-chain, and password-spraying attacks. Multi-platform malware is being used to carry out these attacks. Not even American defense tech firms could escape the attacks of these hackers.
According to the MSTIC report, password-spraying attacks have been carried out to hack the data of these firms on a large scale. Office 365 accounts were also targeted with the help of social engineering.
To carry out these cyber-attacks, hackers took advantage of several exploitable vulnerabilities, such as the ProxyShell vulnerability in Exchange Server and the vulnerability in Fortinet FortiOS SSL VPN. By taking advantage of an unpatched Fortinet VPN system, the hackers stole about 900 valid credentials in plain text.