US security agencies have announced the hacking of an American agency by Iranian hackers. Stay with us for more details.
According to published reports, the Nextgov site (nextgov) has reported a claim about the hacking of an American agency by Iranian hackers. According to this site, Iranian hackers succeeded in penetrating the American agency's network by exploiting an unpatched Log4Shell vulnerability. The Cybersecurity and Infrastructure Security Agency had asked US agencies to address the unpatched Log4Shell vulnerability by the end of 2021.
Hacking of an American agency by Iranian hackers
On Wednesday, a joint cybersecurity advisory was released by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Police. According to the information it contains, Iranian hackers used an unpatched vulnerability in a federal agency's network to compromise user credentials and install cryptocurrency mining software.
These two security institutions claimed that an unnamed American civilian executive agency was hacked in February 2022. Although they did not attribute the attack to any specific group, they claimed that it was carried out by Iranian hackers.
CISA said it first became aware of the breach in April while analyzing the agency's network using EINSTEIN, a widely deployed intrusion detection system. CISA added that it conducted an incident response operation at the agency from mid-June to mid-July 2022.
According to the joint statement, the hackers installed the XMRig cryptocurrency mining software on the agency's network and used the Ngrok reverse proxy on multiple hosts to maintain persistence. According to the announcement, the hackers also installed the open source program Mimikatz to steal credentials and created a domain administrator account.
The hacking of the American agency by Iranian hackers happened just a few months after CISA issued its emergency directive in December 2021. The directive required federal agencies to assess their networks for Log4Shell vulnerabilities and remediate them.