Iranian state-sponsored hackers are working closely with ransomware groups on monetizing unauthorized access to the networks of organizations in the United States and elsewhere, the US government says
The US government’s joint advisory came out the same day that Mandiant published a report on a suspected Iran counterintelligence operation targeting Iranians and domestic threats, and Microsoft details on Iran-linked Peach Sandstorm’s use of a new custom backdoor.
Posted earlier:
The advanced persistent threat (APT) actor has been observed compromising the networks of financial institutions, municipal governments, schools, and healthcare facilities in the US, while also targeting organizations in Azerbaijan, Israel, and the United Arab Emirates.