Newly uncovered Iranian hacking group targeted energy, aerospace firms to steal secrets
A Iranian hacking group has been targeting aerospace and energy companies in Saudi Arabia, South Korea and the U.S. since at least 2013 as part of an expansive cyber espionage operation to both gather intelligence and steal trade secrets, according to new research published Wednesday by U.S. cybersecurity firm FireEye. This advanced persistent threat group (APT) is labeled APT33 by FireEye. Wednesday’s report by FireEye offers a distinct view of the group’s activity. APT33 is likely related to hacking campaign dubbed StoneDrill by Kaspersky Lab, researchers say. Based on information that appears to have been accidentally left behind in past attacks, analysts believe APT33 is linked to the Iranian government. Most of the group’s operations to date have largely focused on sending targeted phishing emails with malware-laden HTML links to infect specific computers with a custom backdoor implant known as “TURNEDUP.” But there’s also some evidence to suggest they’re capable of launching data […]
The post Newly uncovered Iranian hacking group targeted energy, aerospace firms to steal secrets appeared first on Cyberscoop.