Iran caught red-handed plotting to steel state secrets from US in hidden video footage

HomeNews

Iran caught red-handed plotting to steel state secrets from US in hidden video footage

IBM's X-Force security team obtained roughly five hours of video footage apparently shot on the screens on hackers showing how to break into email

Iran threat: Hackers targeting US State Department caught red-handed
BBC licence fee row: Broadcaster caught in fiery rant as he slams 'medieval' prison threat
Musician recounts attack, shooting caught on cam

IBM’s X-Force security team obtained roughly five hours of video footage apparently shot on the screens on hackers showing how to break into email accounts and steal data. The IT giant believes the culprits work for a group they call ITG18, which other security firms have codenamed APT35 or Charming Kitten, and which the US believes is closed connected to Iran’s ruling theocracy.

Allison Wikoff, a senior analyst at IBM X-Force, told tech website Wired: “When we talk about observing hands-on activity, it’s usually from incident response engagements or endpoint monitoring tools.

“Very rarely do we actually see the adversary on their own desktop.

“It’s a whole other level of “hands-on-keyboard” observation.

“To see how adept they are at going in and out of all these different webmail accounts and setting them up to exfiltrate, it is just amazing. It’s a well-oiled machine.”

Emily Crose, a security research with cyber security experts Dragos, likewise said the team’s success was unprecedented.

She added: “This kind of thing is a rare win for the defenders.

JUST IN: Kim Jong-un on brink – North Korea leader facing COUP from own sister

All the data was accidentally uploaded to an exposed server at the precise moment IBM was monitoring the machine in May.

The clips seem to training demonstrations which the hackers show junior team members.

They show Gmail and Yahoo Mail accounts being broken into prior to their contents being downloaded, as well as the other illegal activity.

Experts believe the Charming Kitten hackers stole photos, emails, tax records, and other personal info from both of the individuals who were targeted.

In May, cybersecurity experts claimed hackers linked to Iran targeted staff at US drugmaker Gilead Sciences Inc as the company races to deploy a treatment for the COVID-19 virus.

In one case, a fake email login page intended to steal passwords was sent in April to a top Gilead executive involved in legal and corporate affairs, according to an archived version on a website used to scan for malicious web addresses.

Ohad Zaidenberg, lead intelligence researcher at Israeli cybersecurity firm ClearSky, who monitors Iranian hacking activity and has investigated the attacks, said the attempt was part of an effort by an Iranian group to compromise email accounts of staff at the company using messages which impersonated journalists.

Iran’s mission to the United Nations denied any involvement in the attacks.

Alireza Miryousefi said: “The Iranian government does not engage in cyber warfare.

“Cyber activities Iran engages in are purely defensive and to protect against further attacks on Iranian infrastructure.”

High profile Twitter accounts including those of Democratic Presidential candidate Joe Biden were reportedly hacked this week – although the US Government has yet to determine who was responsible.



COMMENTS

WORDPRESS: 0
DISQUS: