Express Computer

Iranian hackers breach VPN servers of several firms globally


Cybersecurity researchers have spotted a widespread hacking campaign by Iranian groups who compromised VPN (virtual private network) servers, planted bugs or ‘backdoors’ and succeeded in gaining access to the networks of numerous companies and organisations around the world. During the last quarter of 2019, the research team from the UK-based ClearSky uncovered a widespread Iranian offensive campaign which it called the “Fox Kitten Campaign”.

“This campaign is being conducted in the last three years against dozens of companies and organisations in Israel and around the world,” the company said in a statement. “Through the campaign, the attackers succeeded in gaining access and persistent foothold in the networks of numerous companies and organisations from the IT, telecommunication, oil and gas, aviation, government and security sectors around the world,” it added.

Aside from malware, the campaign encompasses an entire infrastructure dedicated to ensuring a long-lasting capability to control and fully access the targets chosen by the Iranians. The campaign infrastructure was used to develop and maintain access routes to the targeted organisations and to steal valuable information from them.

“Hackers maintained a long-lasting foothold at the targeted organisations and breached additional companies through supply-chain attacks.”

The campaign was conducted using a variety of offensive tools, most of them based on open-source code and some self-developed. The Iranian APT groups have succeeded in penetrating and stealing information from dozens of companies around the world in the past three years.

The most successful and significant attack vector used by the Iranian advanced persistent threat (APT) groups in the last three years has been the exploitation of known vulnerabilities in systems with unpatched VPN and RDP services, in order to infiltrate and take control of critical corporate information stores.

After breaching the organisations, the attackers usually maintain a foothold and operational redundancy by installing and creating several more access points to the core corporate network. As a result, identifying and closing one access point does not necessarily deny the capability to carry on operations inside the network.

“Iranian APT groups have developed good technical offensive capabilities and are able to exploit one-day vulnerabilities in relatively short periods of time,” said the researchers.

ClearSky observed Iranian groups exploiting VPN flaws within hours after the bugs had been publicly disclosed.

According to a ZDNet report, Iranian hackers have targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies.
