Hackers behind Iranian wiper attacks linked to Syrian breaches

2021-08-16 13:06

Destructive attacks that targeted Iran's transport ministry and national train system were coordinated by a threat actor dubbed Indra, who previously deployed wiper malware on the networks of multiple Syrian organizations.

"The attacks on Iran were found to be tactically and technically similar to previous activity against multiple private companies in Syria which was carried at least since 2019," Check Point Research analysts who made the connection said.

As SentinelOne security researcher Juan Andres Guerrero-Saade observed in a report analyzing the Iranian attack published two weeks ago, the threat actor was able to remain undetected during the reconnaissance phase of their attack despite showing a general lack of skill.

Indra has previously shared successful attacks on social media on multiple platforms, including Twitter, Facebook, Telegram, and Youtube.

November 2020: Indra threatens to attack the Syrian Banias Oil refinery, though it is not clear whether the threat was carried out.

The hacking group chose not to take responsibility for last month's attacks against the Iranian Railways and the Ministry of Roads and Urban Development.

News URL

https://www.bleepingcomputer.com/news/security/hackers-behind-iranian-wiper-attacks-linked-to-syrian-breaches/

#attack #breaches #hacker #iranian

News URL

Related news