Iran Attacks Israel With Cyber Attacks | Iran Cyber Attack on Israel
🔗Get a 14-day free trial with my sponsor Aura and see where your personal information is being leaked online: https://Aura.com/nico
🔗 ESET Smart Security: https://www.jdoqocy.com/click-100472156-14410248
ESET Research Document 1: https://www.eset.com/int/about/newsroom/press-releases/research/eset-research-iran-aligned-ballistic-bobcat-targets-businesses-in-israel-with-a-new-backdoor/
ESET Research Document 2: https://www.eset.com/int/about/newsroom/press-releases/research/eset-research-iran-aligned-oilrig-group-deployed-new-malware-to-its-israeli-victims-collecting-crede/
💢 Business Inquiries: garrettgateway@protonmail.com
Iran Attacks Israel with Cyber Attacks
September 11, 2023 — ESET researchers have discovered a campaign by the Ballistic Bobcat group, which is using a novel backdoor that ESET has named Sponsor. Ballistic Bobcat, previously tracked by ESET Research as APT35/APT42 (also known as Charming Kitten, TA453, or PHOSPHORUS), is a suspected Iran-aligned, advanced, persistent threat group that targets education, government, and healthcare organizations, as well as human rights activists and journalists. It is most active in Israel, the Middle East, and the United States. Its aim is cyberespionage, and a significant majority of the 34 victims were located in Israel, with only two located in Brazil and the UAE. In Israel, automotive, manufacturing, engineering, financial services, media, healthcare, technology and telecommunications verticals have been attacked.
Thus, Ballistic Bobcat continues to look for targets of opportunity with unpatched vulnerabilities in internet-exposed Microsoft Exchange servers. “The group continues to use a diverse, open-source toolset supplemented with several custom applications, including the newly discovered Sponsor backdoor. Defenders would be well advised to patch any internet-exposed devices and remain vigilant for new applications popping up within their organizations,” says ESET researcher Adam Burgher, who discovered the Sponsor backdoor and analyzed the latest Ballistic Bobcat campaign.
ESET researchers have analyzed two campaigns by the Iran-aligned OilRig APT group: Outer Space from 2021, and Juicy Mix from 2022. Both of these cyberespionage campaigns targeted Israeli organizations exclusively, which is in line with the group’s focus on the Middle East, and both used the same playbook: OilRig first compromised a legitimate website to use as a C&C server and then delivered previously undocumented backdoors to its victims while also deploying a variety of post-compromise tools mostly used for data exfiltration from the target systems. Specifically, they were used to collects credentials from Windows Credential Manager and from major browsers, credentials, cookies and browsing history.
In their Outer Space campaign, OilRig used a simple, previously undocumented C#/.NET backdoor ESET Research has named Solar, along with a new downloader, SampleCheck5000 (or SC5k), that uses the Microsoft Office Exchange Web Services API for C&C communication. For the Juicy Mix campaign, the threat actors improved on Solar to create the Mango backdoor, which possesses additional capabilities and obfuscation methods. Both backdoors were deployed by VBS droppers, presumably spread via spearphishing emails. In addition to detecting the malicious toolset, ESET has also notified the Israeli CERT about the compromised websites.
OilRig, also known as APT34, Lyceum, or Siamesekitten, is a cyberespionage group that has been active since at least 2014 and is commonly believed to be based in Iran. The group targets Middle Eastern governments and a variety of verticals, including chemical, energy, financial and telecommunications.
Chapters:
0:00 Intro
0:50 Sponsor
1:20 First Attack
1:50 2nd Attack
3:00 What Israel Says
Iran Israel Hamas Attacks War
Download Tron Script: https://www.reddit.com/r/TronScript/
---------------
▶️ Please subscribe: https://www.youtube.com/c/NicoKnowsTech
---------------
▶️ Join my Discord: https://discord.io/NicoKnowsTech
▶️ Support me on Patreon: https://www.patreon.com/NicoKnowsTech
---------------
▶️ Follow me on:
Instagram - https://www.instagram.com/nicoknowstech
Twitter - https://twitter.com/NicoKnowsTech
▶️ Frequently Asked Questions: https://youtu.be/_vm4eE9qYcY
---------------
▶️ Check out my other videos:
Block ALL Ads, Malware Domain, Trackers & More: https://youtu.be/cEbo3xSlTh0
NKM Minecraft Faction Server Launched: https://youtu.be/pp2x9SPK6t4
Virus Removal Tutorial: https://youtu.be/E7lgM7SCUlc
Can you trust virus scanners? :https://youtu.be/_-6hs4p9cNU
---------------
#Israel #Iran #hamasattack #cybersecurity
Видео Iran Attacks Israel With Cyber Attacks | Iran Cyber Attack on Israel канала Nico Knows Tech
🔗 ESET Smart Security: https://www.jdoqocy.com/click-100472156-14410248
ESET Research Document 1: https://www.eset.com/int/about/newsroom/press-releases/research/eset-research-iran-aligned-ballistic-bobcat-targets-businesses-in-israel-with-a-new-backdoor/
ESET Research Document 2: https://www.eset.com/int/about/newsroom/press-releases/research/eset-research-iran-aligned-oilrig-group-deployed-new-malware-to-its-israeli-victims-collecting-crede/
💢 Business Inquiries: garrettgateway@protonmail.com
Iran Attacks Israel with Cyber Attacks
September 11, 2023 — ESET researchers have discovered a campaign by the Ballistic Bobcat group, which is using a novel backdoor that ESET has named Sponsor. Ballistic Bobcat, previously tracked by ESET Research as APT35/APT42 (also known as Charming Kitten, TA453, or PHOSPHORUS), is a suspected Iran-aligned, advanced, persistent threat group that targets education, government, and healthcare organizations, as well as human rights activists and journalists. It is most active in Israel, the Middle East, and the United States. Its aim is cyberespionage, and a significant majority of the 34 victims were located in Israel, with only two located in Brazil and the UAE. In Israel, automotive, manufacturing, engineering, financial services, media, healthcare, technology and telecommunications verticals have been attacked.
Thus, Ballistic Bobcat continues to look for targets of opportunity with unpatched vulnerabilities in internet-exposed Microsoft Exchange servers. “The group continues to use a diverse, open-source toolset supplemented with several custom applications, including the newly discovered Sponsor backdoor. Defenders would be well advised to patch any internet-exposed devices and remain vigilant for new applications popping up within their organizations,” says ESET researcher Adam Burgher, who discovered the Sponsor backdoor and analyzed the latest Ballistic Bobcat campaign.
ESET researchers have analyzed two campaigns by the Iran-aligned OilRig APT group: Outer Space from 2021, and Juicy Mix from 2022. Both of these cyberespionage campaigns targeted Israeli organizations exclusively, which is in line with the group’s focus on the Middle East, and both used the same playbook: OilRig first compromised a legitimate website to use as a C&C server and then delivered previously undocumented backdoors to its victims while also deploying a variety of post-compromise tools mostly used for data exfiltration from the target systems. Specifically, they were used to collects credentials from Windows Credential Manager and from major browsers, credentials, cookies and browsing history.
In their Outer Space campaign, OilRig used a simple, previously undocumented C#/.NET backdoor ESET Research has named Solar, along with a new downloader, SampleCheck5000 (or SC5k), that uses the Microsoft Office Exchange Web Services API for C&C communication. For the Juicy Mix campaign, the threat actors improved on Solar to create the Mango backdoor, which possesses additional capabilities and obfuscation methods. Both backdoors were deployed by VBS droppers, presumably spread via spearphishing emails. In addition to detecting the malicious toolset, ESET has also notified the Israeli CERT about the compromised websites.
OilRig, also known as APT34, Lyceum, or Siamesekitten, is a cyberespionage group that has been active since at least 2014 and is commonly believed to be based in Iran. The group targets Middle Eastern governments and a variety of verticals, including chemical, energy, financial and telecommunications.
Chapters:
0:00 Intro
0:50 Sponsor
1:20 First Attack
1:50 2nd Attack
3:00 What Israel Says
Iran Israel Hamas Attacks War
Download Tron Script: https://www.reddit.com/r/TronScript/
---------------
▶️ Please subscribe: https://www.youtube.com/c/NicoKnowsTech
---------------
▶️ Join my Discord: https://discord.io/NicoKnowsTech
▶️ Support me on Patreon: https://www.patreon.com/NicoKnowsTech
---------------
▶️ Follow me on:
Instagram - https://www.instagram.com/nicoknowstech
Twitter - https://twitter.com/NicoKnowsTech
▶️ Frequently Asked Questions: https://youtu.be/_vm4eE9qYcY
---------------
▶️ Check out my other videos:
Block ALL Ads, Malware Domain, Trackers & More: https://youtu.be/cEbo3xSlTh0
NKM Minecraft Faction Server Launched: https://youtu.be/pp2x9SPK6t4
Virus Removal Tutorial: https://youtu.be/E7lgM7SCUlc
Can you trust virus scanners? :https://youtu.be/_-6hs4p9cNU
---------------
#Israel #Iran #hamasattack #cybersecurity
Видео Iran Attacks Israel With Cyber Attacks | Iran Cyber Attack on Israel канала Nico Knows Tech
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
How to Remove Virus from Windows 11 in 2023 | How to Remove ANY Virus from Windows in ONE STEP
BIOS Virus #shorts #cybersecurity #hackers #technology #cybersafety #informationsecurity #bios
BIOS Virus #shorts #cybersecurity #hackers #technology #cybersafety #informationsecurity #bios
💀Worst Computer Virus: BIOS Virus | Motherboard Virus | Antivirus | UEFI Rootkit
How to Add VirusTotal to Windows #antivirus #cybersecurity #techtips #technology #cybersafe
🦠 Unmasking Computer Viruses: Quick Tips for Detection! #cybersecurity #antivirus #accounthacked
How To Detect Virus on Computer | How To Check PC Viruses & Malware | Best Virus Scanner
BIOS Virus #shorts #cybersecurity #hackers #technology #cybersafety #informationsecurity #bios
💀 Worst Computer Virus: BIOS Virus | Motherboard Virus | Lojax | UEFI Rootkit
Soundcore Motion X600 Review - Elevate Your Audio Experience!
How To Stop Hackers | Cyber Security Tips | PC Security
Gravastar Super Nova Bluetooth Speaker from another planet. Review incoming!
VZR Model One Review | Best Gaming Headset 2023 | Nico Knows Tech
FDUCE SL40X Review | Budget Podcast Microphone | Nico Knows Tech
Meze 109 Pro Best Audiophile Headphones Review
Trailer - HACKED! Effects of a Cyber Attack | Real Life Effects and Psychological Effects
PC Tips Q&A | Ask Me Anything LIVE
Advanced SystemCare Review | Before You Buy | IOBit Advanced SystemCare Pro Review
Cleer Alpha Headphones Review | Best ANC Headphones | Cleer Alpha Review
Pro Gamer Headset | Austrian Audio PG16 Headset Review | Best Gaming Headset 2022 |