Source code of Iranian cyber-espionage tools leaked on Telegram

In an incident reminiscent of the Shadow Brokers leak that exposed the NSA’s hacking tools, someone has now published similar hacking tools belonging to one of Iran’s elite cyber-espionage units, known as APT34, Oilrig, or HelixKitten. The hacking tools are nowhere near as Read More …

Ex-US Air Force intelligence officer charged with spying for Iran

U.S. authorities on Wednesday charged former Air Force intelligence officer Monica Witt with helping Iran launch a cyber-spying operation that targeted her former colleagues after she defected from the United States. The U.S. Justice Department said Witt, 39, assembled dossiers Read More …

Charming Kitten Iranian Espionage Campaign Thwarts 2FA

The campaign targets politicians involved in economic and military sanctions against Iran, along with various journalists and human rights activists. A range of political and civil society targets are under fire in an APT attack dubbed the Return of Charming Read More …

U.S Charges Two Iranian Hackers for SamSam Ransomware Attacks

The Department of Justice announced Wednesday charges against two Iranian nationals for their involvement in creating and deploying the notorious SamSam ransomware. The alleged hackers, Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah, 27, have been charged on several counts of computer Read More …

New Stuxnet Variant Allegedly Struck Iran

A malware similar in nature to Stuxnet but more aggressive and sophisticated allegedly hit the infrastructure and strategic networks in Iran. Details about the supposed new attack are superficial at the moment, as there are no details about the supposed Read More …

OilRig APT Continues Its Ongoing Malware Evolution

The Iran-linked APT appears to be in a state of continuous tool development, analogous to the DevOps efforts seen in the legitimate software world. OilRig, an APT group believed to have ties to Iran, has been spotted in yet another Read More …

OilRig Sends an OopsIE to Mideast Government Targets

The Iran-linked group is using a variant of the data-exfiltration OopsIE trojan to attack a Mideast government entity. The OilRig group is back, using a reboot of the OopsIE trojan to pump information from its favorite resource: entities in the Read More …