Iranian Hacker Group Void Manticore Linked to Destructive Cyber Attacks on Israel and Albania

A recent report from Check Point Research (CPR) has unveiled the activities of an Iranian hacker group known as Void Manticore, which has been linked to a series of destructive cyber attacks on Israel and Albania. Affiliated with Iran’s Ministry of Intelligence and Security (MOIS), Void Manticore operates alongside another Iranian threat actor, Scarred Manticore, to carry out these attacks. 

The group employs various online personas, such as “Karma” for attacks in Israel and “Homeland Justice” for those in Albania. Their tactics involve gaining initial access to target networks using publicly available tools and deploying custom wipers to render data inaccessible on both Windows and Linux systems.

CPR’s analysis details a systematic collaboration between Void Manticore and Scarred Manticore. Initially, Scarred Manticore gains access and exfiltrates data from targeted networks. 

Control is then transferred to Void Manticore, which executes the destructive phase of the operation. This strategic partnership amplifies the scale and impact of their cyber attacks.

The report underscores the similarities in the attacks on Israel and Albania, including the exploitation of specific vulnerabilities for initial access, the use of similar tools, and the coordinated efforts between the two groups. These overlaps suggest a well-established routine for the Iranian hacker groups. 

Void Manticore’s toolkit includes several custom wipers, s

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.