Security News > 2023 > November > Iranian Hackers Launch Destructive Cyber Attacks on Israeli Tech and Education Sectors
Israeli higher education and tech sectors have been targeted as part of a series of destructive cyber attacks that commenced in January 2023 with an aim to deploy previously undocumented wiper malware.
"The attacks are characterized by attempts to steal sensitive data, such as personally identifiable information and intellectual property," Palo Alto Networks Unit 42 said in a new report shared with The Hacker News.
"Once the attackers stole the information, they deployed various wipers intended to cover the attackers' tracks and to render the infected endpoints unusable."
Active since at least December 2020, Agonizing Serpens has been linked to wiper attacks targeting Israeli entities.
The latest set of attacks entails weaponizing vulnerable internet facing web servers as initial access routes to deploy web shells and conduct reconnaissance of the victim networks and steal credentials of users with administrative privileges.
A lateral movement phase is followed by data exfiltration using a mix of public and custom tools like Sqlextractor, WinSCP, and PuTTY, and finally deliver the wiper malware -.
News URL
https://thehackernews.com/2023/11/iranian-hackers-launches-destructive.html
Related news
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- Suspected Iranian Hackers Used Compromised Indian Firm's Email to Target U.A.E. Aviation Sector (source)
- PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors (source)
- New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors (source)
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)
- Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- North Korean hackers adopt ClickFix attacks to target crypto firms (source)
- Russian hackers attack Western military mission using malicious drive (source)