Iran-linked hackers hit Israeli, US and EU defense tech firm

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

Microsoft has warned that hackers linked to Iran are mainly targeting Office 365 clients in defense technology firms.

Researchers at Microsoft Threat Intelligence Center (MSTIC) and Microsoft Digital Security Unit (DSU) have revealed details of a new threat actor having links with Iran. This actor has launched a password spraying scheme, and the targets are Israeli, US, and EU defense technology firms.

Further, the tech giant has observed activities against Middle Eastern maritime and cargo transportation companies and regional ports of entry on the Persian Gulf by the same actor. Reportedly, this gang performs its operations using the moniker DEV-0343. The hackers are mainly targeting Office 365 clients.

What is Password Spraying Attack?

In this kind of attack, threat actors try to brute-force accounts cycling the same passwords on multiple accounts at once. This helps them hide failed attempts using different IP addresses and evade automated defenses such as IP blocking or password lockout designed

Read the article