Iranian computers | Breaking Cybersecurity News | The Hacker News

A new report published by cybersecurity researchers has unveiled evidence of Iranian state-sponsored hackers targeting dozens of companies and organizations in Israel and around the world over the past three years. Dubbed " Fox Kitten ," the cyber-espionage campaign is said to have been directed at companies from the IT, telecommunication, oil and gas, aviation, government, and security sectors. "We estimate the campaign revealed in this report to be among Iran's most continuous and comprehensive campaigns revealed until now," ClearSky researchers said . "The revealed campaign was used as a reconnaissance infrastructure; however, it can also be used as a platform for spreading and activating destructive malware such as ZeroCleare and Dustman." Tying the activities to threat groups APT33, APT34, and APT39, the offensive — conducted using a mix of open source and self-developed tools — also facilitated the groups to steal sensitive information

The Federal Bureau of Investigation (FBI) has lengthened its Most Wanted List by adding seven Iranian hackers who are accused of attacking a range of US banks and a New York dam. On Thursday, the United States Department of Justice (DoJ) charged seven Iranian hackers with a slew of computer hacking offences for breaking into computer systems of dozens of US banks, causing Millions of dollars in damages, and tried to shut down a New York dam. The individual hackers, who allegedly worked for computer security companies linked to the Iranian government, were indicted for an " extensive campaign " of cyber attacks against the US financial sector. All the seven hackers have been added to the FBI's Most Wanted list, and their names are: Ahmad Fathi , 37 Hamid Firoozi , 34 Amin Shokohi , 25 Sadegh Ahmadzadegan (aka Nitr0jen26), 23 Omid Ghaffarinia (aka PLuS), 25 Sina Keissar , 25 Nader Saedi (aka Turk Server), 26 All the hackers have been charg

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

For all the talk about China and the Syrian Electronic Army, it seems there's another threat to U.S. cyber interests i.e Iran. Series of potentially destructive computer attacks that have been targeting American oil, gas and electricity companies tracked back to Iran. Iranian hackers were able to gain access to control-system software that could allow them to manipulate oil or gas pipelines. Malware have been found in the power grid that could be used to deliver malicious software to damage plants. The targets have included several American oil, gas and electricity companies, which government officials have refused to identify. The officials stated that the goal of the Iranian attacks is sabotage rather than espionage . Whereas, The cyber attacks from China however, are more aimed at stealing information from the U.S. government that is confidential, as well as from private business.  Mandiant announced that the Chinese government was backing the attacks. However, officials fr

IRAN has spent years fending off cyber attacks, blocking access and isolated their own intranet off from the outside world. Many Iranians was using of virtual private network (VPNs), which provides encrypted links directly to private networks based abroad, to access Sites like YouTube and Facebook after bypassing the country's internet filter. But recently, Iranian authorities have blocked the use of most virtual private network to stop people in the country from circumventing the government's internet filter. A widespread government internet filter prevents Iranians from accessing many sites on the official grounds they are offensive or criminal. Ramezanali Sobhani-Fard, the head of parliament's information and communications technology committee said, " Within the last few days illegal VPN ports in the country have been blocked. Only legal and registered VPNs can from now on be used. " Registered and legal VPN access can still be purchased, but the typical fi

Iranian CERT is sounding the alarm over another bit of data-deleting malware it's discovered on PCs in the country. Dubbed Batchwiper , the malware systematically wipes any drive partitions starting with the letters D through I Drive, along with any files stored on the Windows desktop of the user who is logged in when it's executed Why naming Batchwiper ?  The name was chosen because the malware is packed in a batch file. The malware initiates its data wiping routine on certain dates, the next one being Jan. 21 2013. However, the dates of Oct. 12, Nov. 12 and Dec. 12, 2012, were also found in the malware's configuration, suggesting that it may have been in distribution for at least two months. GrooveMonitor.exe is the original dropper, which is a self-extracting RAR file, once executed it extracts the following files: -- \WINDOWS\system32\SLEEP.EXE, md5: ea7ed6b50a9f7b31caeea372a327bd37 -- \WINDOWS\system32\jucheck.exe, md5: c4cd216112cbc5b8c046934843c579f6 -- \WIND