The latest surge in state-supported hacking campaigns is not slowing down any time soon. US Cyber Command has claimed that unidentified state actors are making “active malicious employment” of a 2017-era Outlook flaw (long since fixed) to escape the email client's sandbox and infect a target system with malware. While executives did not state who was involved, some hints have pointed to a likely link to Iran.
Media noted that a known Iran-supported hacking group, APT33, had used the same flaw in December to deploy backdoors on servers and rapidly push the flaw to Outlook users. Brandon Levene of Chronicle Security also found that Cyber Command's code samples appeared to be associated with APT33’s disk-wiping Shamoon virus. Symantec had also warned of elevated activity from the group in recent months.
If it is Iran and not a more recognizable perpetrator such as Russia, it suggests that political tension is translating directly to the digital world. The US is thought to have knocked out Iranian rocket and missile systems in late June with a cyberattack, for example. Even though this Outlook campaign is not necessarily direct retaliation for the missile attempt, it is hard to imagine Iran doing nothing in return.
On a related note, Twitter has banned almost 4,800 accounts it believed were directly operated by or connected to the Government of Iran. The social media behemoth released a transparency report detailing its latest efforts to deal with the spread of misinformation on its platform by malicious actors. Apart from the accounts from Iran, Twitter banned 4 accounts it believed were connected to Russia's Internet Research Agency, 33 accounts run by a commercial body in Venezuela, and 130 fake accounts related to the Catalan independence movement in Spain. The media was shocked to report these cases.