21 C
Jaipur
Friday, October 30, 2020

Iranian Threat Group Exposes 40 GBs of their Training Video

Must read

How To Use pulseaudio-dlna To Stream Audio From Ubuntu 20.10 To Chromecast Devices

pulseaudio-dlna is a streaming server which allows streaming audio from your Linux computer to a Chromecast or DLNA / UPNP device in the same...

Nokia cuts full-year profit forecast, announces new strategy – Latest News

STOCKHOLM/HELSINKI: Nokia cut its full-year profit forecast even as the telecom network equipment maker's quarterly underlying profit met expectations in its first earnings under...

payments technology: JPMorgan backs UK payments technology company Icon Solutions – Latest News

JPMorgan Chase & Co has made a strategic investment in Icon Solutions, a UK-based company that advises and provides technology to banks to help...

tcl 4k tv: TCL expands its smart TV lineup with TVP615 Android TV, price starts at Rs 23,999

Expanding its smart TV lineup, consumer electronics brand TCL has launched its latest 4K UHD TV -- TVP615 in India. The TV runs

Iranian threat group ITG18 known for targeting pharmaceutical companies and the U.S. presidential campaigns. IBM referred to the group as ITG18, whereas the other security firms refer to as APT35 or Charming Kitten.

The group found to be active since 2013, the group is known for conducting sophisticated phishing attacks.

Training Video Exposed

IBM X-Force Incident Response Intelligence Services (IRIS) found a server associated with ITG18 associates that have more than 40 gigabytes of training video and other data.

An OPSEC failure with ITG18 operator exposes the inner working of threat actors and a way to have “a unique behind-the-scenes look into their methods, and potentially, their legwork for a broader operation.”

The training videos mainly focused on creating accounts, operator testing access, and exfiltrating data from the compromised accounts.

Based on video files timestamps, the video’s found to be recorded approximately one day before being uploaded to the ITG18-operated server.

In the video, operators explain “how to exfiltrate various datasets associated with these platforms including contacts, photos, and associated cloud storage.”

“Some of the operator-owned accounts observed in the training videos provided additional insight into personas associated with ITG18, such as phone numbers with Iranian country codes.”

The videos also contain failed phishing attempts of targeting the personal accounts of an Iranian-American philanthropist and officials of the U.S. State Department.

The videos also exposed the persona accounts and Iranian phone numbers associated with ITG18 operators.

Based on the training materials it appears the operators are looking to gather trivial social information about the individuals.

To note: If the threat actors successfully authenticated against a site and if they have multifactor authentication (MFA) they stop the process and move on to other accounts.

The discovery shows the importance of Using Multifactor Authentication, Reset Your Passwords Periodically & using a Password Manager.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How To Use pulseaudio-dlna To Stream Audio From Ubuntu 20.10 To Chromecast Devices

pulseaudio-dlna is a streaming server which allows streaming audio from your Linux computer to a Chromecast or DLNA / UPNP device in the same...

Nokia cuts full-year profit forecast, announces new strategy – Latest News

STOCKHOLM/HELSINKI: Nokia cut its full-year profit forecast even as the telecom network equipment maker's quarterly underlying profit met expectations in its first earnings under...

payments technology: JPMorgan backs UK payments technology company Icon Solutions – Latest News

JPMorgan Chase & Co has made a strategic investment in Icon Solutions, a UK-based company that advises and provides technology to banks to help...

tcl 4k tv: TCL expands its smart TV lineup with TVP615 Android TV, price starts at Rs 23,999

Expanding its smart TV lineup, consumer electronics brand TCL has launched its latest 4K UHD TV -- TVP615 in India. The TV runs

paytm: Parliamentary panel questions Paytm about Chinese investment, storing of data in servers abroad – Latest News

A parliamentary panel on Thursday questioned Paytm representatives about the quantum of Chinese investment in the company and told them that the servers on...