Suspected Iranian hackers pose as ransomware operators to target Israeli organizations

Ever since a 2012 hack that disabled tens of thousands of computers at oil giant Saudi Aramco, suspected Iranian operatives have been known to regularly use data-wiping hacks against organizations throughout the Middle East. Now, one such possible group has been posing as ransomware operators in an effort to conceal the origin of a series of data-wiping hacks against Israeli organizations, according to private-sector investigators. The hackers are demanding extortion fees even when the code they deploy deletes data rather than unlocks it. The findings, published Tuesday by security firm SentinelOne, suggest a growing willingness by certain Iran-linked hacking groups to use tactics associated with financially motivated criminals in order to advance their interests. “Deploying ransomware is a disruptive act that provides deniability, allowing the attackers to conduct destructive activity without taking the full responsibility of those acts,” said Amitai Ben Shushan Ehrlich, a threat intelligence researcher at SentinelOne. SentinelOne […]

The post Suspected Iranian hackers pose as ransomware operators to target Israeli organizations appeared first on CyberScoop.

Alleged North Korean hackers scouted crypto exchange employees before stealing currency, researchers say

Suspected North Korean hackers have breached cryptocurrency exchanges in Japan, Europe, the U.S. and Israel in an effort to steal millions of dollars from the platforms in the last three years, according to a new private sector report. The analysis published Monday by the Israeli security firm ClearSky names Lazarus Group, which U.S. officials say works on behalf of the North Korean government, as the suspect in a hacking campaign that began with attackers scouting cryptocurrency exchange employees and ended with money leaving user accounts. Cryptocurrency helps North Korea blunt the financial impact of international sanctions, as virtual payment techniques are popular on black markets, difficult to trace and exist largely outside the global financial system. A United Nations panel in 2019 implicated North Korean hackers in the theft of $571 million from five cryptocurrency exchanges in Asia. Those hacks are “probably” done to fund North Korean “government priorities, such […]

The post Alleged North Korean hackers scouted crypto exchange employees before stealing currency, researchers say appeared first on CyberScoop.

Iran-Backed APTs Collaborate on 3-Year ‘Fox Kitten’ Global Spy Campaign

APT34/OilRig and APT33/Elfin have established a highly developed and persistent infrastructure that could be converted to distribute destructive wiper malware.