The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint Cybersecurity advisory on the recent cyber operations held by the Iranian state cyber actors against the Government of Albania in July and September.
The advisory provides a detailed timeline pertaining to activities that were detected, from the initial software access to the execution of encryption and wiper attacks. The information also included the files that the actors used for the attacks.
The hackers, referred to as HomeLand Justice, who are state-sponsored Iranian advanced persistent threat (ATP) actors, attempted to paralyse public services, delete and steal governmental data, and disrupted the government’s websites and services, wreaking havoc and panic on the state.
As per the agencies, the threat actors had the access to the Albanian government servers for 14 months before executing the cyber attacks that included the execution of encryption and wiper attacks.
A series of cyberattacks was then launched by the threat actors, on July 17th, 2022, after conducting lateral movements, network reconnaissance, and credential harvesting from the Albanian government network, leaving an anti-Mujahideen E- Khalq (MEK) messages on the desktop
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: