FireEye Uncovers Yet Another Cyber Espionage

FireEye, which has uncovered many cyber espionage campaigns, recently discovered yet another one when it found that Iranian hackers were behind the alleged spying on and hacking of several companies in the US, the Middle East, and Asia. The companies that were spied upon are mostly connected to the petrochemical industry, the military, and commercial aviation.

A Hacking Pattern Emerges

If one observes carefully, a pattern emerges from the findings of Mandiant, a subsidiary of the security firm FireEye. The findings reveal that hacking related to the petrochemical industry was carried out mostly within Middle Eastern countries, which clearly indicates that the information obtained will be used by the country to stay on top when it comes to petroleum.

Similarly, the military and aviation-related spying indicates that Iran is preparing itself for a war, if such a need arises. For a long time, Iran has been blamed as a country that sponsors various hacking-related activities at the state level. And the one that has been identified now only seems to confirm these doubts.

FireEye Names The Group Of Hackers APT33

The group has been dubbed APT33, where APT stands for Advanced Persistent Threat, and it seems to have targeted its victims mostly using spear phishing, among other techniques. John Hultquist, director of intelligence analysis for FireEye, has been quoted as saying, “These campaigns demonstrate the depth of Iran’s cyber capabilities. Actors like APT33, now narrowly focused on the Middle East, are the tools Iran will reach for if they choose to carry out attacks in the future”.

More On FireEye’s Findings

The findings also reveal that hacking activity was most prevalent from Saturdays to Wednesdays, which seems to correspond exactly with the Iranian work week. FireEye was able to trace its research back to Iran when it came across the activity of the hacker who goes by the pseudonym “xman_1365_x”, who has been linked with the Iranian Nasr Institute, a suspected Iranian government hacking organization.

It has also been found that APT33 has been operational since 2013. As a part of its modus operandi, it sends phishing emails to its targets, typically containing lucrative job advertisements. These emails usually contain a malicious link which, when clicked, will supposedly launch a backdoor on the target’s PC.

FireEye also found some similarities between the malware used by APT33 and that of Shamoon, the Iran-linked cyberattack which literally wiped out nearly three-quarters of the computers at the Saudi Oil Company in 2012. The constant stream of cyber espionage campaigns emerging out of Iran has made it one of the West’s most dangerous cyber adversaries, along with Russia, China, and North Korea.

Elaborate CyberAttacks May Follow

Knowing well the prolonged tension between the US and Iran, the security community believes that Iran may have equipped itself with more elaborate cyberattacks, with the recent reconnaissance conducted by APT33 being the precursor, which it may unleash on its enemies if such a need arises. It is widely believed that the US and Israel were behind the attacks launched on Iran’s nuclear program with a malware named Stuxnet in 2010. Therefore maybe it’s time Iran retaliated on a large scale with its own malware.

Julia is a security geek with almost 5+ years of experience who writes on various topics pertaining to network security.
