#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Iranian Hackers | Breaking Cybersecurity News | The Hacker News

Call for Articles : THN Magazine June 2012, Malware Edition

Call for Articles : THN Magazine June 2012, Malware Edition

May 21, 2012
Call for Articles : THN Magazine June 2012, Malware Edition The Hacker News is calling for our June Magazine on the issue related to MALWARE . We'd like to see an analysis of the history of these most worrying viruses and the contemporary usage in cyber espionage and cyber warfare. It would be interesting to analyze the impact of the malware diffusion in the private sector and in government agencies, emphasizing the effectiveness of the cyber threat. Other topics to study are cyber crime activities that involve malware as method of monetization, with particular references to principal frauds schemes. What is the awareness level on hazards of the malware in common people and how the theat could harm new scenarios like mobiles and Cloud. What are the main countermeasures to mitigate virus diffusion? Thank you for your thoughtful consideration and we are looking forward to your work on this very important topic!  Email us at  admin@thehackernews.com Download all THN Magazin
Iran Preparing For Cyberwar Against U.S

Iran Preparing For Cyberwar Against U.S

Apr 26, 2012
Iran Preparing For Cyberwar Against U.S Security professionals in both the U.S. government and in private industry have long feared the prospect of a cyberwar with China or Russia, two states capable of launching destructive attacks on the computer networks that control critical assets such as the power grid or the financial system. But, Iran is recruiting a hacker army to target the U.S. power grid, water systems and other vital infrastructure for cyberattack in a future confrontation with the United States, security specialists will warn Congress Thursday. " If Iran is willing to blow up a Washington restaurant and kill innocent Americans, we would be naive to think Iran would never conduct a cyberattack against the U.S. homeland ," said Counterterrorism and Intelligence Subcommittee Chairman Pat Meehan, R-Pa. " Over the past three years, the Iranian regime has invested heavily in both defensive and offensive capabilities in cyberspace ," states testimony from Ilan Berman, vi
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
Cyber Attack on The Iranian Oil Ministry's Computer Network

Cyber Attack on The Iranian Oil Ministry's Computer Network

Apr 23, 2012
Cyber Attack on The Iranian Oil Ministry 's Computer Network The Iranian oil ministry's computer network came under attack from hackers and a computer virus, prompting the Islamic Republic to disconnect the country's main oil export terminal from the internet as a preventative measure, a semiofficial news agency reported on Monday. The Mehr News Agency, which is a semi-official arm of the Iranian government, reported Monday that the country's principal oil terminal on Kharg Island was disconnected from the Internet as part of the response to the attacks. Email systems associated with the targets were also pulled offline. Iranian officials said the virus attack, which began in earnest Sunday afternoon, had not affected oil production or exports, since the industry was still primarily mechanical and does not rely on the Internet. Officials said they were disconnecting the oil terminals and possibly some other installations in an effort to combat the virus. Cyberattac
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Iran Replicating Captured U.S. Drone RQ-170 Sentinel

Iran Replicating Captured U.S. Drone RQ-170 Sentinel

Apr 22, 2012
Iran Replicating Captured U.S. Drone RQ-170 Sentinel Iranian military aerospace chief General Amir Ali Hajizadeh was quoted having said:" The Americans should be aware to what extent we have infiltrated the plane. " Iran has broke the encryption codes and begun construction of a replica of the United States surveillance drone captured last year, according to Iranian officials. American spy drone that went down in Iran last year, including information that the aircraft was used to spy on Osama bin Laden weeks before he was killed. Iran also said it was building a copy of the drone. US Senator Joe Lieberman dismissed the claim that a copy was being made as " Iranian bluster " saying, "they're on the defensive because of our economic sanctions against them". The U.S. says the drone malfunctioned and downplayed any suggestion that Iran could mine the aircraft for sensitive information because of measures taken to limit the intelligence value of drones operating
Banking System Vulnerability - 3 million bank accounts hacked in Iran

Banking System Vulnerability - 3 million bank accounts hacked in Iran

Apr 17, 2012
Banking System Vulnerability - 3 million bank accounts hacked in Iran Iran's Central Bank has announced that the electronic information of 3 million customers of 10 Iranian banks have been compromised. These banks now require their customers to change their ATM pin numbers before they can access their account. This has caused a rush to the ATM machines by the worried customers. The hacker was identified as Khosro Zare', a former bank-system specialist in Iran who recently left the country.Zare' claimed in a blog that he hacked the PIN codes to highlight the vulnerability of Iran's banking system. According to the report, the hacker had provided the managing directors of the targeted banks with information about the bank accounts of 1000 customers in the previous Iranian calendar year (ended on March 19) to warn them about the susceptibility of their computer systems and networks to cyber threats. But Central bank officials had earlier downplayed the reports, sayi
Stuxnet was planted by Iranian double agent using memory stick

Stuxnet was planted by Iranian double agent using memory stick

Apr 14, 2012
Stuxnet was planted by Iranian double agent using memory stick The Stuxnet computer worm used to sabotage Iran's nuclear program was planted by a double agent working for Israel. The agent used a booby-trapped memory stick to infect machines deep inside the Natanz nuclear facility, according to a report published  on Wednesday. The worm is believed to have been placed on a specially crafted USB memory stick and handed over to a Natanz worker who, by all accounts, was an Iranian national belonging to a dissident group named Mujahideen-e Khalq (MEK). "The MEK has been listed as a 'foreign terrorist organization' since 1997 because of deadly attacks on Americans abroad, but members of the group have been trained at a secret site in Nevada. U.S. officials consider them 'the assassination arm of Israel's Mossad intelligence service' as they have been connected to the killing of five Iranian nuclear scientists since 2007. The incident with Stuxnet is not the fir
Iran replacing Google, Hotmail with its own internal search engines and email services

Iran replacing Google, Hotmail with its own internal search engines and email services

Apr 12, 2012
Iran replacing Google, Hotmail with its own internal search engines and email services Iran has denied the report that it plans to cut itself off from the Internet. In a statement, the ministry said " The report is in no way confirmed by the ministry ". It added that it was " completely baseless ," and that it served only, " the propaganda wing of the West and providing its hostile media with a pretext emanating from a baseless claim ". Iranian minister for Information and Communications Technology Reza Taghipour was reported to have said that Iran plans to disconnect itself from the Internet and replace popular services like Google, Yahoo, and Hotmail with homegrown, Iranian services. They also claim that a system is in beta testing which includes a search engine called " Ya-Haq ", which directly translates as "calling God". The government is already accepting applications for Iran Web Mail accounts , which require you to enter a first and last name, postal add
Kelihos Botnet with 110,000 PCs take down finally

Kelihos Botnet with 110,000 PCs take down finally

Mar 29, 2012
Kelihos Botnet with 110,000 PCs take down finally Botnets are particularly insidious, using thousands of virus-infected computers which their owners are unaware are being used for sending out spam, launching denial-of-service attacks and stealing data.But taking down a botnet poses challenges. The main problem is that legitimate security companies can't use the same type of weapons as criminals. A group of malware experts from security companies Kaspersky Lab, CrowdStrike, Dell SecureWorks and the Honeynet Project, have worked together to disable the second version of the Kelihos botnet, which is significantly bigger than the one shut down by Microsoft and its partners. Kelihos is used to send spam, carry out DDoS attacks, and steal online currency such as bitcoin wallets. It operates as a so-called "peer-to-peer" bot network, which are more difficult to take down than those with a centralized command and control servers (C&C), according to Tillmann Werner, a senior
Six National Television Stations of Iran Hacked

Six National Television Stations of Iran Hacked

Mar 18, 2012
Six National Television Stations of Iran Hacked Co-Cain Warriors hackers today hack into 6 National Television Stations of Iran including Broadcasting Elam Center, IRIB Kermanshah Center, IRIB Kerman and 3 more. Hacker upload the deface page on their server and announce the day as " HappY 7Sin Day ". With growing conflicts in middle east more intrusions and DDOS attack on Iranian websites. Iran has been identified as the main cyber threat to the United States,Israel and European Countries. Yesterday we also report that, Iran's cyber defense headquarters has succeeded in making internal mail servers which would enable Iranian organizations and bodies to use local email addresses. Also last week, Iran launched a sophisticated cyber-attack against BBC Persian TV, according to the BBC News. The Reason behind this attack is part of a broader attempt by the government to disrupt the BBC's Persian service. This attack follows various tactics by the Iranian government, s
Iran Defense Forum users logins compromised and Leaked

Iran Defense Forum users logins compromised and Leaked

Mar 15, 2012
Iran Defense Forum users logins compromised and Leaked Hacker with name " Le0n B3lm0nt " claimed to hack into the Iran Defense Forum website (irandefence.net) and leak user details of all 3,212 members including their usernames, Emails and Passwords.  Iran Defense Forum is an independent forum that is not associated with the Iranian Government, neither it is affiliated with any governmental or regulatory agencies nor related to any political or religious entity. Hacker leak the database on Pastebin Note . Also two days before  Iran hacked BBC Persian TV  The Reason behind this attack is part of a broader attempt by the government to disrupt the BBC's Persian service. This attack follows various tactics by the Iranian government, such as harassment, arrests, and threats against the relatives of BBC Persia correspondents who still live in Iran, in an effort to force the journalists to quit the Persian news service.
BBC Persian TV hacked by Iranian government

BBC Persian TV hacked by Iranian government

Mar 14, 2012
BBC Persian TV hacked by  Iranian government According to BBC News, today Iran hacked BBC Persian TV ( https://www.bbc.co.uk/persian/ ) . This is not the first time the Iranian government has tampered with the BBC's Persian service, Zdnet Report. The Reason behind this attack is part of a broader attempt by the government to disrupt the BBC's Persian service. This  attack follows various tactics by the Iranian government, such as harassment, arrests, and threats against the relatives of BBC Persia correspondents who still live in Iran, in an effort to force the journalists to quit the Persian news service. In Addition to this, The BBC's London office was inundated with automatic phone calls and the company's satellite feeds into Iran were also jammed, while this only affected owners of illegal satellite dishes, these are of course the only ones that can receive the BBC signal in Iran. The BBC has previously accused Iran of attempting to jam its broadcasts by eliminating VPN network
Iran Cyber Army in Action, Azerbaijani TV Down !

Iran Cyber Army in Action, Azerbaijani TV Down !

Feb 24, 2012
Iran Cyber Army in Action, Azerbaijani TV Down ! As we reported Yesterday that Azerbaijan Arrests a Iranian terror group and in response Iranian Hackers hits many Azerbaijan Sites like, Azerbaijan airlines (https://azerbaijanairlines.org/) and National Olympic Committee Of Azerbaijan (https://noc-aze.org) . Today Iran Cyber Army also come into Action for supporting Iran and deface the Azerbaijan State Television & Radio Company, AzTV websites also. A message in English from the hackers popped up in place of the AzTV website when it was opened." Life is Game"Game OVER..!!! ", the message read and was signed " the Iranian Cyber Army ".The website has already been restored. The attacks came a month after anti-Israeli hackers broke into the sites of several ministries and the governing party, leaving messages calling the Azerbaijani authorities "servants of the Jews". Relations between the two countries are tense at present.Iran has accused Baku of helping
Azerbaijan Arrests Iranian terror group, Iranian Hackers hit Azerbaijan Sites

Azerbaijan Arrests Iranian terror group, Iranian Hackers hit Azerbaijan Sites

Feb 23, 2012
Azerbaijan Arrests  Iranian terror group , Iranian Hackers hit Azerbaijan Sites The National Security Ministry of Azerbaijan said Tuesday that it had disrupted a suspected terrorist group working for Iran's secret services. The people were gathering intelligence and had acquired a large number of weapons and explosives, the ministry said. The group, led by a Sepah officer called Hamid and Hezbollah operative Hadji Abbas, was planning to stage attacks against the Israeli embassy and a Jewish cultural center in the Azeri capital Baku. To response this,Iranian Hacking Group "Cocain TeaM" attack on the websites of Azerbaijan airlines (https://azerbaijanairlines.org/) and National Olympic Committee Of Azerbaijan (https://noc-aze.org) and manage to collect lot of info and sent that to Iranian Governments to show their patriotic responsibility towards country. Cocain TeaM deface the websites also. Mirror of Hacks: 1.)   https://zone-h.com/mirror/id/17070956 2.)   https://zone-h.com
Iran will Develop their own security Software, No more foreign Solution

Iran will Develop their own security Software, No more foreign Solution

Feb 21, 2012
Iran will Develop their own security Software , No more foreign Solution According to latest report, Iran's Information and Communications Technology Minister announce that - Iran has prohibited import of foreign computer security software. Because International sanctions stopped Iran from obtaining anti-virus software. So, Iran stressed that no foreign software for computer security will be imported into the country, adding that Iran will rely on its own software, made by local developers. The Bonian Daneshpajouhan Institute has about 25 smaller firms that develop domestic security software of various nature, and country will rely on it.  A senior Iranian intelligence official has claimed that an estimated 16,000 computers were infected by the Stuxnet virus, which targeted the country's nuclear facilities and other industrial sites in 2010. The ban is intended to push Iran into the production of its own malware defense instruments. Whether the Stuxnet virus affected only
Cyber War : Another 7000 Israel credit cards Exposed on Internet

Cyber War : Another 7000 Israel credit cards Exposed on Internet

Jan 18, 2012
Cyber War : Another 7000 Israel credit cards Exposed on Internet This week has began under worse auspices worse for Israel, which, despite its attention to the cyber threats posed by cyber-space, has been victim of a series of attacks that have checkmated the government of Jerusalem. Kosova Hacker's Security Group of Hackers today claim to release another Another 7000 Israel credit cards on Internet. Last week  xOmar from  "group-xp"  threatened the Israeli people by exposing millions of credit cards. After that Israel said that it will respond to cyber-attacks in the same way it responds to violent terrorist acts, by striking back with force against hackers who threaten the Jewish state.  The Dump of these 7000 Cards are posted on Tinypaste  by Kisova Hackers. Th3 Dir3ctorY, ThEtA.Nu, & X|CRIPO, three hackers from  Kosova Hacker's Security  Group posted all the credentials including full name of the card holder, CCV, card no, expiry date. More, Saudi cybe
The Saudi hacker to Mossad "Don’t waste your time by searching for me"!

The Saudi hacker to Mossad "Don't waste your time by searching for me"!

Jan 12, 2012
The Saudi hacker to Mossad " Don't waste your time by searching for me "! In a response to the Israeli hackers, the Saudi hacker xOmar exposed 200 Israeli credit cards and he described the Israeli hackers by idiots and he said that they published invalid credit cards. And he asked Mossad through his website not to search for him, because they won't catch him.  xOmar threatened the Israeli people by exposing 200 credit cards daily, and all of these credit cards are valid. speaking about the latest efforts to locate his place, he said '' I've heard from some idiots saying that I am from Mexico, and another said that I am in Riyadh, and last one said that I am from Dubai " and he said to mossad in a message '' don't waste your time '' The Secretary-General of the Committee on Information and awareness of banking in Saudi banks '' Tal'at hafiz '' have told the " Arabiya.Net " yesterday that Saudi banks ha
The Hacker News Hacking Awards : Best of Year 2011

The Hacker News Hacking Awards : Best of Year 2011

Dec 31, 2011
The Hacker News Hacking Awards : Best of Year 2011 2011 has been labeled the " Year of the Hack " or " Epic #Fail 2011 ". Hacking has become much easier over the years, which is why 2011 had a lot of hacking for good and for bad. Hackers are coming up with tools as well as finding new methods for hacking faster then companies can increase their security.  Every year there are always forward advancements in the tools and programs that can be used by the hackers. At the end of year 2011 we decided to give " The Hacker News Awards 2011 ". The Hacker News Awards will be an annual awards ceremony celebrating the achievements and failures of security researchers and the Hacking community. The THN Award is judged by a panel of respected security researchers and Editors at The Hacker News. Year 2011 came to an end following Operation Payback and Antisec, which targeted companies refusing to accept payments to WikiLeak's, such as, Visa and Amazon. Those attacks were carrie
Iran government websites now on local server to Protect them from Cyber Attacks

Iran government websites now on local server to Protect them from Cyber Attacks

Dec 22, 2011
Iran government websit es now on local server to Protect them from Cyber Attacks An Iranian official says the country has transferred the location of most of its government websites from foreign-based hosting agencies to new computer facilities inside the country to avert potential cyber attacks. The country's deputy minister for communications and information technology, Ali Hakim Javadi, Reuters reports that more than 90 percent of all the Iranian government's websites have had their hosting locations transferred inside the country. " Over 30 000 Iranian websites, including those of key institutions such as ministries, were hosted abroad, mainly in North America ," the Islamic Republic News Agency cited Ali Hakim Javadi, the Deputy Minister for Communications and Information Technology, as saying without specifying the countries involved. " The data was at risk of being accessed at any moment ."Iranian officials said last year that malicious software known as Stuxnet affected so
Iranian engineer hijack U.S. drone by GPS hack [Video Explanation]

Iranian engineer hijack U.S. drone by GPS hack [Video Explanation]

Dec 17, 2011
An Iranian engineer working on the captured US drone has said that Iran exploited a weakness in the craft's navigation system to hijack it. The aircraft was downed through a relatively unsophisticated cyber-attack that tricked its global positioning systems (GPS). The technique, known as " GPS spoofing " has been around for several years, and the Iranians began studying it in 2007, the engineer reportedly said. The U.S. Department of Energy notes that GPS is widely used, but insecure, although few users have taken note. GPS signals for the U.S. military are similarly insecure, and drones often rely on signals from multiple satellites. It's possible to spoof unencrypted civilian GPS systems. But military GPS receivers, such as the one likely installed on the missing drone, use the encrypted P(Y)-code to communicate with satellites. " With spoofing, an adversary provides fake GPS signals. This convinces the GPS receiver that it is located in the wrong place and/or time ," t
Duqu computer virus Detected by Iran civil defense organization

Duqu computer virus Detected by Iran civil defense organization

Nov 13, 2011
Duqu computer virus Detected by Iran civil defense organization The virus is called W32.Duqu, or just Duqu create fear after the opening Pandora's Box of Stuxnet. The head of Iran's civil defense organization told the official IRNA news agency that computers at all main sites at risk were being checked and that Iran had developed software to combat the virus. First, Duqu is not deigned to harm industrial automation. The software basically attacks windows systems. Instead of sabotaging industrial control, Duqu has been general remote access capabilities. Duqu has a key logger and can save passwords etc.. The malware uses HTTP and HTTPS to communicate to a command and control (C&C) server at 206.183.111.97, which is hosted in India, the IP is inactive as of October 18th. Duqu infiltrates systems directly it is not a worm like Stuxnet and needs to be placed directly, e.g. through infected mails.Duqu also the certificate of C-Media Electronics Incorporation, a Taiwanese audio ch
Cybersecurity Resources