Iranian Hackers Are Back To Target Govt. Organizations of Israel, Turkey And United States!

An Iranian hacking group is targeting government organizations in the United States, Israel and Turkey. Security researchers at Palo Alto Networks first detected this group last year. At that time, the hackers were compromising the systems of financial organizations and banks in Saudi Arabia, and they also carried out attacks on Saudi Arabia's defense industry. The group is now back with advanced and improved malware tools.

Palo Alto Was Keeping An Eye on These Hackers

Security researchers at Palo Alto Networks have been tracking these hackers from day one, monitoring all the activities of this Iranian hacking group. According to Palo Alto, an industrial company in Qatar was the group's recent target. Now the group is targeting government organizations in the United States, Turkey and Israel. The researchers also said that this time the hackers are using advanced malware tools to gain access to systems. The hackers are spreading malware by pretending to be part of well-known cyber security firms, and FireEye is one of them.

Hackers Are Spreading “OilRig” Malware

Iranian hackers are spreading the OilRig malware by hiding it in Excel documents. OilRig is like new wine in an old bottle: it is the updated version of the well-known Helminth malware. The hackers had been using this malware to target banks and financial organizations. To spread OilRig, they rely on social engineering, spear phishing and spam email campaigns, sending specially crafted, macro-enabled malicious Excel spreadsheets to victims. In the case of the Turkish government, an official received an Excel file that looked the same as the login portal of an airline. It was actually a phishing form sent by the hackers.

The OilRig malware is a mixture of several pieces of malware. Security researchers have discovered four variants of the Helminth malware within it. The hackers use these variants to communicate with remote servers over both DNS and HTTP. Through these command and control servers, the hackers collect information about the infected device and add new files remotely.


The Helminth malware comes in two formats. The first is script-based, in which the hackers use PowerShell scripts or VBScript. The second is an executable file. The hackers use a Trojan named HerHer to spread the malicious Helminth executables. This version of Helminth is capable of recording keystrokes after bypassing all antivirus tools.

"Security researchers of Palo Alto Networks have found various clues which directly indicate that the hackers belong to Iran."

While investigating the malware samples, the researchers found pieces of code that the authors had written in the Persian language. The researchers also found information about the command and control servers. Palo Alto Networks also detected some IP addresses that belong to Iran and that also appear in Symantec's list of blacklisted IPs.
