Cybersecurity firm Mandiant has attributed over 30 cyber espionage attacks against activists and dissidents to the state-backed Iranian threat group APT42 (formerly UNC788) with activity dating back to 2015, at least.
Based on APT42’s activities, the researchers believe the hacking group operates on behalf of the Islamic Revolutionary Guard Corps Intelligence Organization (IRGC-IO), not to mention shares partial overlaps with another Iran-linked APT group tracked as APT35 (aka Charming Kitten, Phosphorus, Newscaster, and Ajax Security Team).
The APT group has targeted multiple industries such as non-profits, education, governments, healthcare, legal, manufacturing, media, and pharmaceuticals spanning across 14 nations, including in Australia, Europe, the Middle East, and the U.S.
“APT42 activity poses a threat to foreign policy officials, commentators, and journalists, particularly those in the US, the UK, and Israel, working on Iran-related projects,” reads the report published by Mandiant. “Additionally, the group’s surveillance activity highlights the real-world risk to individual targets of APT42 operations, which include Iranian dual-nationals, former government officials, and dissidents both inside Iran and those who previously left the country, often out of fear for their personal safety.”
The Iranian hacker
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: