Social News XYZ     

Iran-backed hackers now active to deliver ransomware globally

Iran-backed hackers now active to deliver ransomware globally

San Francisco, Feb 25 (SocialNews.XYZ) As Russia goes to war against Ukraine, hackers linked to the Iranian Ministry of Intelligence and Security are exploiting bugs to conduct cyber espionage and other malicious attacks against organisations globally including in Asia, the US and the UK, cyber and law authorities have warned.

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the US Cyber Command Cyber National Mission Force (CNMF), and the United Kingdom's National Cyber Security Centre (NCSC-UK) have observed a group of Iranian government-sponsored advanced persistent threat (APT) actors, known as MuddyWater.

 

"It is conducting cyber espionage and other malicious cyber operations targeting a range of government and private-sector organisations across sectors - including telecommunications, defense, local government, and oil and natural gas - in Asia, Africa, Europe, and North America," the agencies said in a statement late on Thursday.

According to CISA, the aim of the attacks is to gain access to networks to steal passwords and sensitive information "to share these with other malicious cyber actors".

MuddyWater is a subordinate element within the Iranian Ministry of Intelligence and Security (MOIS).

"This APT group has conducted broad cyber campaigns in support of MOIS objectives since approximately 2018. aMuddyWater' actors are positioned both to provide stolen data and access to the Iranian government and to share these with other malicious cyber actors," said the agencies.

MuddyWater actors are known to exploit publicly reported vulnerabilities and use open-source tools and strategies to gain access to sensitive data on victims' systems and deploy ransomware.

The authorities have recommended organisations to apply the mitigations in this advisory and review the following resources for additional information.

Source: IANS

Facebook Comments
Iran-backed hackers now active to deliver ransomware globally

About Gopi

Gopi Adusumilli is a Programmer. He is the editor of SocialNews.XYZ and President of AGK Fire Inc.

He enjoys designing websites, developing mobile applications and publishing news articles on current events from various authenticated news sources.

When it comes to writing he likes to write about current world politics and Indian Movies. His future plans include developing SocialNews.XYZ into a News website that has no bias or judgment towards any.

He can be reached at gopi@socialnews.xyz