Iranian hackers 14 months in Albanian networks before running ransomware

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI they said on Wednesday ότι hackers που συνδέονται με τον στρατό του Ιράν πέρασαν 14 μήνες μέσα στα δίκτυα της Αλβανικής κυβέρνησης πριν εξαπολύσουν μια επίθεση ransomware που προκάλεσε εκτεταμένη on July.

albanian flag

The FBI did not specify which Iranian hacking group was behind the incident, but explained that during their investigation, they discovered that the hackers were exploiting a security hole in Microsoft SharePoint that is circulating on the Internet via CVE-2019-0604.

Cybersecurity agencies classified it CVE-2019-0604 like one of the what caused it during the of 2020. The same bug is used by government hackers, but also by ransomware gangs.

According to the warning, the hackers were able to maintain continuous on the network for more than a year, frequently stealing emails throughout 2021. By May 2022, hackers began moving laterally and probing the network, carrying out a broader credential theft from Albanian government networks.

The FBI confirmed reports from Reuters and other researchers that the attacks were due to Albania's involvement with the Mujahideen-e Khalq, known as the MEK.

Albania allowed some 3.000 members of the group to settle near Durrës, the country's main port.

The agencies said that in July 2022, hackers "pushed a ransomware onto networks, leaving an anti-Mujahideen E-Khalq (MEK) message on their desktops."

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.
ransomware, hackers, iguru

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).