Iran-linked Cobalt Mirage extracts money, info from US orgs – report


The Iran-linked Cobalt Mirage crew is running attacks against America for both financial gain and for cyber-espionage purposes, according to Secureworks’ threat intelligence team.

The cybercriminal gang has been around since June 2020, and its most recent activities have been put into two categories. One, using ransomware to extort money, as illustrated by a strike in January against a US philanthropic organization, according to Secureworks’ Counter Threat Unit (CTU); and two, gathering intelligence, with a local government network in the United States targeted in March, CTU researchers detailed Thursday.

“The January and March incidents typify the different styles of attacks conducted by Cobalt Mirage,” they wrote.

Read more…
Source: The Register