Top cybersecurity researchers have taken notice of a new campaign of targeted phishing emails sent to US targets by a hacker group known by the names APT33, Magnallium, or Refined Kitten, and widely believed to be working in the service of the Iranian government.
The Department of Energy and US national labs are two of the half-dozen targeted organizations already on the case. A third security firm, FireEye, independently confirmed that it has seen a broad Iranian phishing campaign targeting government-related businesses and private-sector companies in the US and Europe.
None of the targeted companies had any evidence of successful intrusions yet.
Whenever two superpower nations start to threaten each other with digital warfare in 2019, it is a safe bet that they have already been hacking each other's networks. Three independent cybersecurity firms now confirm they have watched Iran's hackers attempt to gain access to a wide range of US organizations over the previous few weeks, just as military tensions between the two countries rise to a breaking point. It is not clear whether these attempted intrusions are aimed at intelligence gathering or at laying the groundwork for a future disruptive cyberattack.
Regardless of its present intentions, Iran has a long history of disturbing and violent cyberattacks on American targets and US allies. After the Stuxnet malware was revealed in the summer of 2012 to be a joint US-Israeli operation aimed at sabotaging an Iranian nuclear enrichment facility, Iranian hackers launched an unprecedented attack on Saudi Aramco, using the Shamoon wiper malware to destroy 30,000 computers and leaving an image of a burning American flag on their screens.
Over the following month, Iran launched a series of sustained distributed denial-of-service attacks hitting the websites of a majority of US financial institutions, and in 2014 it launched another data-destroying attack on the Las Vegas Sands casino, after the casino's owner Sheldon Adelson publicly advised that the US launch a nuclear weapon against Iran.
When US President Donald Trump trashed the previous administration's agreement with Iran last year, cybersecurity experts warned that Iran would undoubtedly restart its aggressive hacking operations against the West. In December of 2018, another Shamoon attack hit the network of Italian oil firm Saipem, whose largest customer is Saudi Aramco. Notably, this cyberattack was not clearly attributed to Iran.