The latest attacks a group Chafer Iranian reveal the ambitions of increasing

The gate Arab news technical.

A group Chafer group of hackers that take in Iran, more attacks in 2017, after he attacked more of the institutions within the Middle East and beyond, disseminating the new tools several.

Mounted Chafer set of new attacks have been ambitious in the past year, including breakthrough group of service providers and contact the key leaders in the region, in addition to having evidence to attack a major international company for travel.

It is the nature of the attacks, it seems that the Chafer basically act on the control of individuals and their community, where most of its attacks are aimed to collect information about targets or to facilitate observation.

Active group since 2014, and Symantec first disclosed its activity in the year 2015, when she found the control objectives, local and global, and many of the objectives of the group at this time inside Iran had already begun to penetrate the service provider to contact the airline in the Middle East.

The Group’s operations and expansion

Not affected by the group by its detection in the year 2015, and continued its activity increased in the year 2017 using the tools and infrastructure of a new attack, nine new institutions in the region in countries such as the kingdom of Jordan and the United Arab Emirates, Saudi Arabia and Turkey.

Attacks have targeted sectors such as airline services, aircraft, and software and Information Technology Services that work with shipping companies and air services, communication services, salaries, consulting engineering and management software documentation.

The objectives of the ambitious new

You know one of the providers of telecommunications services in the Middle East region, who works in the field selling solutions to telecom operators in the region, to attack in 2017 by a group Chafer was the primary goal of the attack, is to observe the customers of telecom operators, which means the rise of the group-degree in supply chain and ease of monitoring a large number of end-users.

Found Symantec, next to the directories on the occurrence of a breakthrough in this institution, a copy of the police files relating to one of the Messaging programs on the server for a range Chafer, along with the hacking tools used by the attackers.

How did Chafer in the breakthrough objectives

I found the Symantec it attacks the group in the year 2015, there are signs the leadership of Chafer attacks on network servers to your organization by way of injection attacks SQL “injection instructions query structural”, in order to install a malware on one of these servers.

In the year 2017 has added group tools piercing new, help it to use the file documents the sources, it is likely that it is posted in messages phishing e -, which are sent to personnel in the target organization.

New tools to penetrate networks

Found Symantec that set Chafer used seven new tools in their recent attacks in addition to malicious software that already and used in other attacks, namely the free tools available have been exploited in the intrusions:

  • Remcom: open source software alternative for software PsExes of Microsoft’s own stop processing in other systems.
  • Non-sucking Service Manager” NSSM“: service open-source alternative for Windows Service Manager which operates to remove the service or restart the service in case you give.
  • Custom tool to export the screen.
  • Tools for the SMB to the hack: works in coordination with other tools to penetrate the network of the target, these tools include EternalBlue that was used in the attacks ransom last WannaCry وPetya.
  • GNU HTTPTunnel: an open source tool able to open a tunnel HTTP binary trend in computers that run Linux, in order to provide connections beyond the firewall of your organization.
  • UltraVNC: an open source tool for remote work on Windows from Microsoft.
  • NBTScan: a free tool is doing a survey for internet protocol private companies in order to get information about the name of the NetBIOS.

The growing threats to the institutions of the Middle East

The Group has shown considerable activity in the recent period, and constantly upgrade and develop its instruments and style, in addition to they have become more daring in their choice of goals, although the Group is active regionally, they followed global trends in its attacks, this is due to that the tools used in the attacks, global available free and free and the Group is in a “living off the land”, where reduce the use of malware to detect on the victim, even in the case of the discovery of the attack becomes difficult to identify the attacking group.

Source: the latest attacks a group Chafer Iranian reveal the ambitions of increasing

0 Comments on “The latest attacks a group Chafer Iranian reveal the ambitions of increasing”

  1. I just couldn’t depart your site before suggesting that I extremely enjoyed the standard information a person provide for your visitors? Is going to be back often in order to check up on new posts

  2. It’s exhausting to seek out knowledgeable individuals on this subject, but you sound like you understand what you’re talking about! Thanks

Leave a Reply

Your email address will not be published. Required fields are marked *