Iranian government-sponsored hackers deploy massive ransomware campaign

A recent security report states that the Iranian government is behind an ambitious ransomware campaign deployed through an Asian-based contracting company. According to Flashpoint experts, Iran’s Islamic Revolutionary Guard Corps (IRGC) is operating this campaign through a company called Emen Net Pasargard (ENP).


This campaign, identified as “Project Signal”, reportedly started in mid-2020 with the identification of some websites as potential cyberattack targets. Flashpoint experts say the group’s motivations are purely financial, and they were able to describe the hackers’ working mechanisms, including the use of Bitcoin and the leaking of compromised information.

[Image. Source: Flashpoint]

However, the investigators were unable to confirm whether the attacks occurred strictly as described in the hackers’ documents or whether the targets mentioned above were actually compromised. Some things are known about the aforementioned contracting company: “ENP operates on behalf of Iranian intelligence services, including the Ministry of Intelligence and Security and Quds forces,” experts say.

Another theory put forward by the researchers is that the hackers are simply mimicking the tactics and procedures of some ransomware groups, either to make detection more difficult or to lead researchers to mistakenly attribute these attacks to better-known hacking groups.

The detection of this campaign coincides with the launch of “Pay2Key”, an attack project that targeted dozens of Israel-based companies. Subsequent investigations mention that the attack was reportedly deployed by a hacking group identified as Fox Kitten, although the possibility of a link between the two campaigns has not been mentioned.

Other major investigations have focused on the activities of Iran-based, government-sponsored hacking groups. The cybersecurity community previously warned of a hacking group identified as OilRig, which had a huge arsenal of cyber weapons at its disposal; that warning was accompanied by a report detailing at least 66 potential attack targets around the world.

This news also coincides with the launch of the Ransomware Task Force, a joint effort by multiple technology companies and government organizations to curb the growing activity of groups operating encryption malware by publishing updated information and issuing guidelines for preventing and, where appropriate, responding to these attacks.


The post Iranian government-sponsored hackers deploy massive ransomware campaign appeared first on Cyber Security News | Exploit One | Hacking News.

By admin