Security News > 2022 > September > FBI: Iranian hackers lurked in Albania’s govt network for 14 months
The Federal Bureau of Investigation and CISA said that one of the Iranian threat groups behind the destructive attack on the Albanian government's network in July lurked inside its systems for roughly 14 months.
"A FBI investigation indicates Iranian state cyber actors acquired initial access to the victim's network approximately 14 months before launching the destructive cyber attack, which included a ransomware-style file encryptor and disk wiping malware," the two agencies revealed in a joint advisory published today.
The malicious actors behind the attack, collectively identified by the FBI as an Iranian-backed threat group named "HomeLand Justice," attacked the Government of Albania in July 2022, 14 months after the initial breach, taking down multiple websites and services.
This month, the Iranian state hackers targeted the Government of Albania in a new series of cyber-attacks, using tactics and methods similar to the ones from the July attack.
This decision comes after Albania announced it severed diplomatic relations with Iran after attributing the July attack to Iranian state hackers.
The HomeLand Justice group claimed the attack on July 18 and, between late July and mid-August, it leaked information stolen from the Albanian government's network.
News URL
Related news
- Iranian hackers charged for ‘hack-and-leak’ plot to influence election (source)
- Iranian hackers now exploit Windows flaw to elevate privileges (source)
- Iranian hackers act as brokers selling critical infrastructure access (source)
- FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)