Microsoft Exchange email hijacking tool is released online

A tool for hijacking Microsoft Exchange e-mail accounts used by the OilRig team leaked online.

The utility is called Jason and is not currently detected by virus protection machines in VirusTotal.

hijacking

The hijacking tool was released a few hours ago through their Telegram channel, and the publication states that it is used by the Iranian government "for attacking emails and stealing information".

Jason hijacking tool works by trying different passwords until it finds the right one. The brute-force activity is supported by a list of sample passwords and four text files containing numeric patterns.

Omri Segev Moyal, co-founder and vice president of research at Minerva Labs, analyzed the tool Jason, and states that "it seems to be a relatively simple brute-force program against online messaging services".

VirusTotal analysis reveals that the utility was created in 2015. So far it seems to bypass all the detection mechanisms available by VirusTotal.

The OilRig group, also known as APT34 and HelixKitten, is a group affiliated with the Iranian government. Using the nickname Lab Dookhtegan, someone started leaking information about OilRig on March 26, the tools used in hacking operations and various contact details for members of the group allegedly working in Iran's Ministry of Information and Security (MOIS).

_______________________

iGuRu.gr The Best Technology Site in Greeceggns

Get the best viral stories straight into your inbox!















Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).