Microsoft: Iranian hackers behind retaliatory cyberattacks on US orgs (April 2023)
Microsoft has discovered that an Iranian hacking group known as 'Mint Sandstorm' is conducting cyberattacks on US critical infrastructure in what is believed to be retaliation for recent attacks on Iran's infrastructure.
In a new report, researchers in Microsoft's Threat Intelligence team explain that a subgroup of Mint Sandstorm switched from performing surveillance in 2022 to performing direct attacks on US critical infrastructure.
The attacks on Iran's infrastructure include destructive attacks on Iran's railway system in June 2021 and a cyberattack causing an outage at Iranian gas stations in October 2021.
Microsoft believes the Iranian government is now allowing state-sponsored threat actors more freedom when conducting attacks, leading to an overall increase in cyberattacks.
"This targeting also coincided with a broader increase in the pace and the scope of cyberattacks attributed to Iranian threat actors, including another Mint Sandstorm subgroup, that Microsoft observed beginning in September 2021," Microsoft warns in today's report on Mint Sandstorm.
In addition to utilizing exploits to breach networks, Microsoft says the attackers conducted low-volume phishing attacks against a small number of targeted victims.