Iranian hackers target US government workers in new campaign

January 31, 2020

Iranian government-backed hackers are back at it, targeting US federal workers in the hopes of compromising government systems with malware.

The hacking attempts have been linked to a cyber-espionage group codenamed APT34, or OilRig, a six-year-old hacker group acting in the interests of the Iranian government.

The hacking attempts consist of a cleverly orchestrated spear-phishing campaign, according to a report published today by cyber-security firm Intezer Labs, and shared with ZDNet.

The spear-phishing emails mimic Westat surveys. Westat is a well-known US government contractor that has managed and administered surveys to more than 80 federal agencies, for at least 16 years, querying federal workers on working conditions, management, and job satisfaction.

Intezer says that APT34 has been sending out fake Westat-looking emails that distribute boobytrapped surveys as Excel spreadsheets.

westat-survey.png

Image: Intezer Labs

New and improved malware

These documents contain malicious code that executes if the victim enables macros inside Excel. The malicious code downloads and installs two strains of malware known as TONEDEAF and VALUEVAULT.

One is a backdoor, while the other is a password stealer.

Both have been spotted before, in another APT34 spear-phishing campaign detected by FireEye in July last year.

However, Intezer says these two versions contain serious upgrades from the previous ones used last July, both appearing to have been modified for this specific campaign.

For example, VALUEVAULT contains a Chrome password dumping feature instead of its past Windows Vault password dumping function, most likely because of the US government’s known use of Chrome as a default browser.

Intezer tracks these new variations as TONEDEAF 2.0 and VALUEVAULT 2.0. APT34 appears to have modified both malware strains after having its activities exposed by FireEye.

tonedeaf.png

Image: Intezer Labs

“The technical analysis of the new malware variants shows the group has been investing substantial effort in upgrading their tools in an attempt to stay undetected after being exposed, and it seems that effort is generally paying off,” the Intezer team said.

It is unclear for how long this recent APT34 spear-phishing campaign posing as Westat has been going on.

Campaign still going

“What we do know is that the [malware’s command and control] domain was created 4 months ago, and a certificate was issued for the website a month ago,” Paul Litvak, malware analyst at Intezer Labs, told ZDNet today.

Litvak believes the campaign is still ongoing. He also warns that organizations beyond the US government might be targeted, such as commercial entities known to rely on Westat’s surveying services.

Intezer said it notified Westat about the ongoing spear-phishing campaign earlier today.

ZDNet also reached out to Westat and inquired if the company plans to warn its customer base about the ongoing Iranian hacking campaign that’s abusing its brand. Westat has yet to answer either Intezer’s or ZDNet’s inquiries.

Credit: Zdnet
