Skip to main content

Iranian government agencies targeted by Chinese hackers

 


Many reports are saying that the  Iranian government records and institutes were targeted by the Chinese advance persistent between July and December in the last year of 2022.

Many reports are indicating that Chinese NICKEL, APT15, KeChang, Backdoor Diplomacy, and Vixen Panda are suspected. Their act was like hacking and seems like malware infrastructure associated with the APT group.

In a blog, Palo Alto Networks said about the Chinese activity that they always continue to do such a strategy and its tooling with another nation. Recently it has become clear that cyber-espionage operation was earlier done by China and they did it successfully. The Turian backdoor and new C2 infrastructure show that these actors continue to be successful.

The cyber security firm also stated in their statement that analysis of malicious infrastructure samples and connections shows that Iranian government networks are likely to be compromised.

The report does not stop just by warning the Irish government they also said warned other states too. The reports also indicate similar incidents and techniques can be used by enemies or nations in North and South America, Africa, and the Middle Eastern region.

Agile Taurus Deploys set the New Version Of Turion Malware

In the recent attacks, the Playful Taurus was using a new version of the Turian malware and a new command and control named C2 infrastructure in which they hacked the governmental institution of Iran. This is also confirmed by the research team. These threat actors have obfuscation and a modified network protocol and are used to take out C2 servers. This malware is used to generate and execute reverse shell commands.

In this incident of hacking of four Iranian government networks and organizations, the Foreign Ministry is likely to have been compromised using a new variant of the malware.

Quarion has evolved into Turion but let me tell you that this malware was used in 2013 to threaten USA and Syria diplomatic relations. Turion was first identified by ESET in June 2021 as being used by Agile Taurus.

Many countries have faced the threat

From the year of 2010, several countries have faced the threat and fear of getting hacked. Many telecommunications companies and diplomatic units of government faced the heat. However, earlier attacks focused on hacking web servers and opening web shells and to try and open Internet-exposed apps. Webshell is used for Playful Taurus to open software to take all the information. The dynamic library and hijacking were used to install its backdoor, Turion.

But latterly this technique start to be used in the diplomatic race. And in 2012, Fickle Taurus targeted the Syrian Foreign Ministry and in 2013 the US State Department. In 2021 Microsoft seized 42 domains which were targeting 29 countries.
Labels:

Comments

Post a Comment

Popular posts from this blog

1 Saudi Move & Impact On West Asian Geopolitics

  As one of the most influential players in the Middle East, Saudi Arabia's actions have far-reaching consequences for West Asian geopolitics. In recent years, we've seen several moves from this powerful nation that are shaking up traditional power dynamics and creating new alliances. From its diplomatic spat with Qatar to its growing relationship with Israel, Saudi Arabia is making bold moves that could change the face of West Asia as we know it. Join us as we dive into the geopolitical implications of Saudi Arabia's latest actions and explore what they mean for the future of this critical region. Saudi Arabia has long been a dominant force in the Middle East, wielding its oil wealth and religious influence to shape regional politics. Its alliance with the United States has given it even greater sway on the global stage, making it a key player in shaping West Asian geopolitics. However, Saudi Arabia's role in the region is not without controversy. Its support for conse...
Post a Comment
Read more

Fights break out as Kurds protest the French government's denial of a terrorist attack

  Following the murder of three Kurds in what is being considered to be a probable racist incident , there have been widespread protests in Paris. The fact that the authorities did not view the attack at a Kurdish centre as a terrorist act has enraged the Kurdish diaspora in Paris. A 69-year-old man opened fire on a crowd of individuals early on Friday morning at the Ahmet-Kaya centre on Rue d'Enghien in the 10th arrondissement. One of the three victims is badly injured. All of the dead were Kurdish community members who passed away both inside and outside the cultural centre. Agit Polat, a spokesman for the Kurdish centre, charged that French officials "yet again failed to safeguard us... This is a terrorist attack in our eyes, according to the AFP news agency. In the afternoon, a number of protestors, largely from the Kurdish diaspora, got into a fight with the police outside the centre and in the streets close by, throwing rocks and torching trash cans. Police use...
Post a Comment
Read more

Verbal spat between Joe Biden and Benjamin Netanyahu over Israel judicial overhaul

  The Prime Minister of Israel, Benjamin Netanyahu, turned down United States President Joe Biden’s suggestion that the Israeli government “walks away” from a plan to overhaul the country’s legal system. A verbal spat between the two close allies took place on Wednesday. The US President and Israeli Prime Minister exchanged a few words on judicial changes in Israel. On Tuesday, reporters asked Joe Biden about Israel’s judicial overhaul planned reforms. Biden reportedly said, “I hope he (Netanyahu) walks away from it.” He said that the Israeli government “cannot continue down this road” and urged compromise on this plan to overhaul the country’s legal system. Subsequently, the Israeli PM said that his country makes its own decisions. He reportedly said in a statement, “Israel is a sovereign country which makes its decisions by the will of its people and not based on pressures from abroad, including from the best of friends.” Netanyahu’s latest comments came a day after he de...
Post a Comment
Read more