Iranian hackers have hacked dozens of companies in the defense, satellite and pharmaceutical sectors this year using a fairly unsophisticated, blunt hacking technique, Microsoft warned in a new report. From a report: Many of these companies are based in the U.S., and the breaches come amid heavy U.S. sanctions targeting Iranian oil and petrochemical sales. Microsoft said Thursday that Iranian hacking group Peach Sandstorm — which other firms also refer to as APT33, Elfin or Refined Kitten — has been breaking into these companies by trying to guess multiple user accounts’ passwords.

The password-spraying campaign took place between February and July this year, Microsoft found. In some cases, the hackers were able to exfiltrate data, and in others, they just lurked on the networks to see what intelligence they could gather. The Iranian group targeted thousands of companies as part of this monthslong campaign — but was able to access only a small percentage of those organizations, Microsoft said.

Source link

By mrtrv

Leave a Reply

Your email address will not be published. Required fields are marked *