Iran TerrorismMore Iranian Cyber Attacks Could Be on Their Way

More Iranian Cyber Attacks Could Be on Their Way


Iranian cyber attacks

Iran Focus

London, 20 Sep – Hackers associated with Iran launched a major campaign that targets Middle East energy firms and others ahead of the initial US sanctions in August, according to American cyber security firm FireEye, warning that further attacks could be coming before the upcoming sanctions against Iran ’s oil industry come into effect in November.

FireEye said on Tuesday that the “spear-phishing” email campaign allows hackers to steal information from infected computers, but caution that the malware used in similar to one that destroyed tens of thousands of terminals in Saudi Arabian oil company Saudi Aramco, deleting the hard drives and displaying a picture of a burning American flag on the monitors.

Alister Shepherd, a director for a FireEye subsidiary, said: “Whenever we see Iranian threat groups active in this region, particularly in line with geopolitical events, we have to be concerned they might either be engaged in or pre-positioning for a disruptive attack.”

FireEye refers to the Iranian hackers as APT33, an acronym for “advanced persistent threat”, citing that the group would target its victims by using phishing emails with fake job opportunities, even faking domain names to make the messages look legitimate. Often the email appears to be from a Middle East oil and gas company and the targets are organizations, from utilities to education, in the Middle East, North America and Japan.

FireEye previously discussed the group last year, but was keen to outline the dangers of the Iranian hackers, citing a tenfold increase in the number of emails sent out by APT33 between July 2 and July 29. They also warn that the numbers may be much higher still as FireEye’s data only include their own clients. They said the attacks appear targeted in nature.

FireEye also revealed that they believe that APT33 is being led by Iran for several reasons:

1. Hackers communicate in Farsi

2. Hackers use Iranian workweek (Sat-Wed) and communicate during Iranian office hours

3. Hackers are targeting firms in the US and its allies, including Bahrain, Kuwait, Oman, Qatar, Saudi Arabia and the United Arab Emirates

Shepherd said: “Since we started tracking APT33 in 2013, their sophistication has definitely improved… We wouldn’t put them on the same level as some of the more-sophisticated Russian groups, for instance, in terms of capability. But they are a very capable group and they manage to meet their objectives, which is to compromise institutions in both the government and private sector and steal data.”

Latest news

Iranian People’s Resistance Changed the Appeasement Policy

Soon after the new US government started its obligations in January 2021, hand in hand with the European governments...

Khamenei’s Disgraceful Campaign Against Piranshahr and Javanrud, Who Will Be the Loser?

On the 67th day of Iran’s revolution, the Iranian regime attempted to put a halt to the protests in...

Iran: Expensive Medicine, Cheap Human Life

A look at the equipment and weapons that the Iranian regime has been using against its people to suppress...

Who Is Abolqasem Salavati Iran Regime’s Killer Judge?

Last week, it was announced that the case of several people who were arrested during the Iranian People's uprising...

Iran Revolution Characteristics

More than two months have passed since the start of the latest round of protests in Iran against the...

Iran’s Regime Is Unable To Eradicate Protests

Totalitarian governments, whether be it a monarchy or a clerical regime, and their international supporters are pursuing the same...

Must read

Russia said to still object to UN Iran statement

Reuters: Russia, backed by China, blocked agreement on Monday...

Belgium, Denmark take stance against Iran

Iran Focus: Brussels, Jan. 17 – Belgium and Denmark...

You might also likeRELATED
Recommended to you