Iranian hackers to launch data destroying malware on Western countries

All these days hackers from Iran were seen indulging in activities such as DDoS attacks and espionage. But now, there is evidence that these hackers have decided to launch malware campaigns that are capable of destroying data on the servers being operated in Western countries. This includes data being stored on public and private entities such as critical infrastructure owned by countries.

Revealing the same at the CyberwarCon Conference held in Arlington, Virginia; Ned Moran a security researcher from Microsoft ringed the alarm bell. Ned said that his security team’s discovery has found that the Iranian hacking group dubbed APT33 has changed its hacking objective by shifting its focus from espionage to data destroying campaigns.

APT33 also named Holmium, or Refined Kitten or Elfin the group is said to carry out disruptive cyberattacks on the critical infrastructure of western countries. The team of researchers from Microsoft’s Threat Intelligence Group has already said found that the hacking group has started groundwork on this issue and devised a virus called StoneDrill which is more powerful from Shamoon malware and is being integrated with TURNEDUP backdoor software.

Last year, McAfee reported the same and has disclosed the news with evidence which says that the hacking group has already succeeded in planting the malware on the servers of some private technology companies operating in the west and is now reaping out financial benefits with the intrusion.

What type of data was accessed by the hackers and the information related to the infiltrated servers is yet to be known.

But Microsoft researchers claim that the hacking group managed to intrude the servers with the help of password spray and has been indulging in such activities by targeting at least 2000 companies per month.

Ned Moran said that half of those companies happen to be manufactures, suppliers, or maintenance contractors of Industrial Control Systems (ICS).

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display