Expedite deal, France warns Iran as Khamenei orders nuclear progress

/in


ANKARA: Iran has escalated its longstanding cyber campaign against Turkey through state-sponsored hackers, who have targeted high-profile governmental and private websites in the country since November 2021.

Experts believe that the upgraded cyber assault is a reaction against Turkey’s attempts to normalize ties with countries such as the UAE, Saudi Arabia and Israel.

MuddyWater, a hacker group linked to Iran’s Ministry of Intelligence and Security, is allegedly behind these cyber attacks, which involve infection vectors such as malicious PDF attachments and Microsoft Office documents embedded in phishing emails.

These malicious documents were titled in the Turkish language so they would present as legitimate texts coming from the Turkish health and interior ministries.

The malware attack was first observed by CISCO Talos Intelligence Group, one of the world’s biggest commercial threat-focused intelligence teams.

The emails to the target’s enterprise contained a link to a compromised website and used the name of the target institution as a parameter in the URL.

As part of a tactic known as web bug, the links are used to track when the messages are opened by the endpoint.

When the initial access to the victim is gained, the hacker group collects sensitive information from its network. 

MuddyWater is known for its attacks against government networks across the US, Europe, the Middle East and South Asia for the last two years, with the aim of conducting cyber-espionage for state interests, deploying ransomware and destructive malware and stealing intellectual property that has high economic value. 

“Iran has become an increasingly capable and sophisticated cyber actor since 2007,” Rich Outzen, a retired colonel in the US Army and senior fellow at the Jamestown Foundation, told Arab News. 

“Up to that time, there were cyber attacks and cyber crime emanating from Iran, but little evidence of state direction,” said Outzen. 

“Starting with the suppression of the Green Movement and Iran’s own experience as a target of cyber attacks on its sanctioned nuclear program, the emergence of an ‘Iranian Cyber Army’ under the guidance of the Islamic…

Source…