Submit your comments on this article | |||
Syria-Lebanon-Iran | |||
Another Cyber Espionage Campaign Targeting Iran | |||
2012-07-18 | |||
Security experts say more than 800 hit by operation, including infrastructure companies, financial services firms and Mideast embassies Security experts have uncovered an ongoing cyber espionage campaign targeting Iran and other Middle Eastern countries that they say stands out because it is the first such operation using communications tools written in Persian. Â Israeli security company Seculert and Russia's Kaspersky Lab, said on Tuesday that they identified more than 800 victims of the operation. The targets include critical infrastructure companies, engineering students,
Seculert and Kaspersky declined to identify specific targets of the campaign, which they believe began at least eight months ago. They said they did not know who was behind the attacks or if was a nation state. Â "It's for sure somebody who is fluent in Persian, but we don't know the origin of those guys," said Seculert Chief Technology Officer Aviv Raff.
 The firms said they believed multiple gigabytes of data have been uploaded from targeted machines.  "Somebody is trying to build a dossier of a larger scale on something," Raff said. "We don't know what they are going to do at the end."  Researchers have previously said that nation states were almost certainly behind the Flame virus, which was discovered earlier this year, and Duqu, which was uncovered in 2011.   Seculert and Kaspersky dubbed the campaign Mahdi, a term referring to the prophesied redeemer of Islam, because evidence suggests the attackers used a folder with that name as they developed the software to run the project.  They also included a text file named mahdi.txt in the malicious software that infected target computers.
 According to the security companies, the program collected data, screen shots, and sensitive material from individuals involved with national infrastructures, financial entities, and academic institutions. The experts discovered parts of the program that indicate that it originated in Iran. | |||
Posted by:trailing wife |
#2 It could also be an attempt at retaliation against Israel that went awry -- the cyber equivalent of the Iranian would-be assassin in Thailand who only managed to blow off his own legs. |
Posted by: Odysseus 2012-07-18 09:58 |
#1 |
Posted by: junkiron 2012-07-18 09:34 |