IBM's cybersecurity wing, X-Force, has discovered a server hosting training videos of Iranian hackers. The videos showed how recruits access user accounts and profile their data for future purposes. Though it has not been revealed how the gang obtained those credentials, the videos show them validating credentials against over 75 websites and profiling the accounts.

Iranian Hackers Training Videos Leaked!

In the latest discovery by IBM's X-Force researchers, a trove of training videos was found on a server that was left exposed online. The researchers say the operators in those videos could be recruits of Iranian state-sponsored hackers who are learning how to hijack accounts and profile account data.

The videos were made using a screen recorder called BandiCam and were recorded intentionally, rather than being the result of one of the group's own malware tools backfiring, as one might suspect. The videos show a group of hackers doing various tasks, such as accessing target accounts using a list of credentials and profiling the targets' data from various other accounts.

Researchers said the process is very thorough, since the hackers are hijacking even the least important accounts. According to the X-Force team, the hackers are pulling data from various online accounts linked to the targets, such as credit reporting, municipal utilities, banks, student financial aid, video and music streaming, pizza delivery, baby product sites, mobile carriers and video games.

While the researchers haven't revealed how the hackers obtained those credentials, they say the hackers are validating credentials against at least 75 websites to access more accounts. Besides profiling, the hackers were also seen exfiltrating data from online accounts, especially Google. The videos show Google account activity, history, Chrome data and more being exfiltrated.

Finally, researchers linked the authors to ITG18, a group they have been tracking for some time that is also known as Charming Kitten, Phosphorus, and APT35. The group is a state-sponsored gang backed by the Iranian government and has a record of attacking government departments in the past.
