A tool for hijacking email accounts Microsoft Exchange used by the OilRig team was leaked to Internet.
The auxiliary πρόγραμμα ονομάζεται Jason και προς το παρόν δεν ανιχνεύεται από μηχανές προστασίας από ιούς στο VirusTotal.
The hijacking tool was released a few hours ago through their Telegram channel, and the publication states that it is used by the Iranian government "for attacking emails and stealing information".
Jason hijacking tool works by trying various codeof access until it finds the right one. The brute-strength activity is supported by a list of sample passwords and four text files containing numeric patterns.
Omri Segev Moyal, co-founder and vice president of research at Minerva Labs, analyzed the tool Jason, and reports that it “seems to be a relatively simple program brute-force against online messaging services”.
Η ανάλυση της VirusTotal αποκαλύπτει ότι το auxiliary πρόγραμμα δημιουργήθηκε το 2015. Μέχρι αυτή τη στιγμή φαίνεται να παρακάμπτει όλους τους μηχανισμούς ανίχνευσης που διαθέτει η VirusTotal.
The OilRig group, also known as APT34 and HelixKitten, is a group linked to the government of Iran. Using the alias Lab Dookhtegan, someone began leaking information about OilRig on March 26, the tools used in hacking operations and various data contact information for group members purportedly working for Iran's Ministry of Intelligence and Security (MOIS).
_______________________
- Meet PowerShell 7
- Windows 10 the Best Antivirus Tests March - April 2019
- Laptop vs. desktop. Advantages, disadvantages, and what to buy