Iranian cyberspies leave training videos exposed online

July 18, 2020

Image: IBM X-Force

One of Iran’s top hacking groups has left a server exposed online where security researchers say they found a trove of screen recordings showing the hackers in action.

Discovered by IBM’s X-Force cyber-security division, researchers believe the videos are tutorials the Iranian group was using to train new recruits.

According to X-Force analysts, the videos were recorded with a screen-recording app named BandiCam, suggesting they were recorded on purpose and not accidentally by operators who got infected by their own malware.

Videos showed basic account hijacking techniques

The videos showed Iranian hackers performing various tasks and included steps on how to hijack a victim’s account using a list of compromised credentials.

Email accounts were primary targets, but social media accounts were also accessed if compromised account credentials were available for the target.

X-Force described the process as meticulous, with operators accessing each and every victim account, regardless of how unimportant the online profile was.

This included accessing a victim’s accounts for video and music streaming, pizza delivery, credit reporting, student financial aid, municipal utilities, banks, baby product sites, video games, and mobile carriers, according to IBM X-Force. In some cases, operators validated credentials for at least 75 different websites across two individuals, they said.

Hackers accessed each account’s settings section and searched for private information that might not be included in other online accounts as part of their efforts to build a profile as complete as possible about each target.

IBM didn’t detail how the hackers obtained the credentials for each victim. It is unclear if the operators had infected the targets with malware that dumped passwords from their browsers, or if the operators had bought the credentials off the underground market.

Other videos showed how to export account data

In other videos, the operator also went through the steps to exfiltrate data from each account. This included exporting all account contacts, photos, and documents from associated cloud storage sites, such as Google Drive.

X-Force researchers say that in some cases, the operators also accessed a victim’s Google Takeout utility to export details such as the full content of their Google Account, including location history, information from Chrome, and associated Android devices.

Image: IBM X-Force

When all was done, the operators also added the victim’s email credentials to a Zimbra instance operated by the Iranian group, which would allow the hackers to remotely monitor multiple accounts from one backend panel.

Other videos also showed the operators engaged in creating puppet email accounts that X-Force researchers believe the hackers would use for future operations.

2FA blocked intrusions

X-Force says it was able to identify and later notify some of the victim accounts portrayed in the videos, which included an enlisted member of the United States Navy, as well as an officer in the Greek Navy.

The videos also showed failed attempts to access target accounts, such as the accounts of US State Department officials.

The videos where the account compromise attacks failed were usually for accounts that used two-factor authentication (2FA), researchers said in a report shared with ZDNet this week.

Server and training videos linked to ITG18/APT35

X-Force researchers said the server where they found all these videos was part of the attack infrastructure of an Iranian group they have been tracking as ITG18, but more commonly known as Charming Kitten, Phosphorus, and APT35.

The group has been one of Iran’s most active state-sponsored hacking crews. Some of the group’s more recent campaigns include attacks against a 2020 US presidential campaign as well as US pharmaceutical executives during the COVID-19 pandemic.

Past ITG18/APT35 campaigns have also targeted US military, US financial regulators, and US nuclear researchers — areas of interest for the Iranian state due to the mounting military tensions between the two countries, the economic sanctions imposed on Iran, and Iran’s expanding nuclear program.

Credit: ZDNet
