sb.scorecardresearch

Published 13:44 IST, October 21st 2019

Russian group hijacked Iranian spying operation, officials say

The British and United States officials said on October 21  that Russian hackers took advantage of an Iranian cyber-espionage operation to attack the government

Reported by: Aanchal Nigam
Follow: Google News Icon
  • share
Russian
null | Image: self

The British and United States officials said on October 21 that Russian hackers took advantage of an Iranian cyber-espionage operation to attack the government along with the industry organizations in dozens of countries while pretending to be attackers from the Islamic State. The Russian group is known as “Turla” which was accused by the Estonian and Czech authorities of operating on behalf of the Russian security services used Iranian tools along with the computer infrastructure to hack into the organizations of nearly 20 different countries over the span of last 18 months. 

The hacking campaign

The UK and US intelligence group exposed the Turla group attack and was also published together by UK's National Cyber Security Centre and the US National Security Agency also revealed that the Turla group had attacked the majority of the victims from the middle east and even viewed the documents extracted from various sectors as well as governments. The group used the implants derived from the suspected Iran-based hacking groups' previous campaigns like 'Neuron' and 'Nautilus.' Further, in order to acquire similar tools, the Russian group also compromised the suspected group as themselves. 

Read - Google Pixel 4 Face Unlock Can Be Hacked By Just About Anybody

Paul Chichester, the NCSC director of operations said, “Identifying those responsible for attacks can be very difficult, but the weight of evidence points towards the Turla group being behind this campaign. We want to send a clear message that even when cyber actors seek to mask their identity, our capabilities will ultimately identify them. Turla acquired access to Iranian tools and the ability to identify and exploit them to further their own aims”.

Read - Journalist Hacked To Death By Gang In Andhra Pradesh

Waterbug or Venomous Bear

According to the official release by the NCSC, the Turla group is also referred to as Waterbugor or Venomous Bear. It regularly collects information by targeting military, government, technology, energy and commercial organizations. Turla used the Neuron and Nautilus implants and an ASPX-based backdoor alongside the Snake rootkit. The document provides an update on the reported activity, with a particular focus on how those tools were used in the period leading up to, and following, the publication of those advisories. 

Read - Shane Watson's Instagram Account Hacked, Cricketer Posts Apology

Read - Kiara Advani's Twitter Account Hacked, Warns Fans On Suspicious Links
 

Updated 15:07 IST, October 21st 2019