Another cyber espionage campaign found targeting Iran

Another cyber espionage campaign found targeting Iran

BOSTON - Reuters
Another cyber espionage campaign found targeting Iran

Kaspersky Lab, one of the world's biggest producers of anti-virus software, said its experts discovered Flame during an investigation prompted by the International Telecommunication Union. AFP photo

Security experts have uncovered an ongoing cyber espionage campaign targeting Iran and other Middle Eastern countries that they say stands out because it is the first such operation using communications tools written in Persian.

Israeli security company Seculert and Russia's Kaspersky Lab, said on Tuesday that they identified more than 800 victims of the operation. The targets include critical infrastructure companies, engineering students, financial services firms and government embassies located in five Middle Eastern countries, with the majority of the infections in Iran.
 
Seculert and Kaspersky declined to identify specific targets of the campaign, which they believe began at least eight months ago. They said they did not know who was behind the attacks or if was a nation state.
 
"It's for sure somebody who is fluent in Persian, but we don't know the origin of those guys," said Seculert Chief Technology Officer Aviv Raff.
 
The Mahdi Trojan lets remote attackers steal files from infected PCs and monitor emails and instant messages, Seculert and Kaspersky said. It can also record audio, log keystrokes and take screen shots of activity on those computers.
 
The firms said they believed multiple gigabytes of data have been uploaded from targeted machines.
 
"Somebody is trying to build a dossier of a larger scale on something," Raff said. "We don't know what they are going to do at the end."
 
Researchers have previously said that nation states were almost certainly behind the Flame virus, which was discovered earlier this year, and Duqu, which was uncovered in 2011.
 
Seculert and Kaspersky dubbed the campaign Mahdi, a term referring to the prophesied redeemer of Islam, because evidence suggests the attackers used a folder with that name as they developed the software to run the project.
 
They also included a text file named mahdi.txt in the malicious software that infected target computers.

Quark.Models.Entities.Ancestor?.Title?.ToUpperInvariant() German president pays visit to quake-hit Turkish city

German president pays visit to quake-hit Turkish city
LATEST NEWS

  1. German president pays visit to quake-hit Turkish city

    German president pays visit to quake-hit Turkish city

  2. Turkish security forces ‘neutralize’ 19 PKK terrorists in Iraq, Syria

    Turkish security forces ‘neutralize’ 19 PKK terrorists in Iraq, Syria

  3. Political leaders mark anniversary of parliament’s establishment

    Political leaders mark anniversary of parliament’s establishment

  4. No let-up as Gaza war enters 200th day

    No let-up as Gaza war enters 200th day

  5. Tensions flare at US universities over Gaza protests

    Tensions flare at US universities over Gaza protests
Recommended
Rock & Roll Hall of Fame announces 2024 class of inductees

Rock & Roll Hall of Fame announces 2024 class of inductees
Istanbul Cinema Museum celebrates Devrim Erbil’s 60th year

Istanbul Cinema Museum celebrates Devrim Erbil’s 60th year
French basilica displays rediscovered Raphael painting

French basilica displays rediscovered Raphael painting
Earth Day: Taking steps to avoid pointless plastic

Earth Day: Taking steps to avoid 'pointless plastic'
UK environment activists guilty of halting Les Miserables

UK environment activists guilty of halting 'Les Miserables'
Ancient Roman solar roof tiles power Pompeii villa

'Ancient Roman' solar roof tiles power Pompeii villa
AI-generated coffee launched in Finland

AI-generated coffee launched in Finland

WORLD No let-up as Gaza war enters 200th day

No let-up as Gaza war enters 200th day

The Israel-Hamas war entered its 200th day on Tuesday, with fears mounting of an Israeli invasion in the overcrowded south of Gaza amid calls for hostages to be freed.

ECONOMY Eurozone business activity accelerates in April

Eurozone business activity accelerates in April

Business activity in the eurozone picked up in April thanks to "increasingly robust" growth in the services sector, a closely watched survey showed on April 23.
SPORTS Tour of Türkiye embarks on 8-stage journey

Tour of Türkiye embarks on 8-stage journey

The 59th Presidential Cycling Tour of Türkiye (TUR) kicks off on April 21 in the Mediterranean resort city of Antalya with the participation of 25 professional cycling teams.