Russia-based hacking gang impersonates cyber spies of Iran

Cyber actors from Russia robed in like Iranian spies treacherously orchestrated attacks targeting different countries worldwide, the United States National Security Agency and United Kingdom's Cyber Security Centre, said jointly when issuing one statement. Having names such as 'Uroburos' and 'Snake,' the alleged Russia-based Turla syndicate remained invisible to users' eyes via acquiring infrastructure and tools of Iran while carrying out their attacks.

The attackers targeted 35 countries in all, including USA and UK, and the Middle East where numerous victims were clustered. Victims comprised government departments, military establishments, universities and scientific organizations. Following the cyber attack, National Cyber Security Centre of U.K. managed unraveling the puzzle as also uncovering the way the so-called Russian attackers successfully camouflaged as Iranian hackers.

Paul Chichester, Director of Operations at NCSC said identifying perpetrators of the cyber assaults could be pretty hard; however, most evidences indicated the culprit as the Turla syndicate. Mr. Chichester continued that his centre was sending an absolute message that no matter whether threat actors sought towards disguising themselves, he and his team had the capabilities of eventually exposing their identities.

Mr. Chichester added that Turla gained admission into Iranian software programs along with effectively exploiting them for accomplishing their objectives. www.foxnews.com posted this, October 21, 2019. According to the Centre, the attackers stole secret papers from governments of different nation-states.

Notably, Turla utilized implants whose designs were derived from "Nautilus" and "Neuron" hacking campaigns of Iranian groups. For obtaining the said tools as also using the infrastructure, the Russian perpetrators further hijacked the hacking gangs too of Iran.

Authorities from NCSC in a joint task with USA's National Security Agency investigated the operations of the doubtful Russian hackers. The investigation started towards the end of 2017.

The more or less rare joint task i.e. of describing the so-called spying activity of an alleged hacking group tied to Russia also focused on putting off such cyber activity. According to Chichester, those who actually owned the software tools might really not know so, else be complicit with the manner in which Turla put to work their implants, NCSC and NSA jointly stated.

» SPAMfighter News - 10/31/2019