According to her research team ClearSky, an extensive one is currently taking place hacking campaign that has affected Companies worldwide. Campaigners are Iranian hacking teams who have violated VPN servers and have "planted" bugs and backdoors. Through them, criminals have managed to gain access in networks to many companies and organizations around the world.
ClearSky researchers have revealed extensive Iranians attacks on VPN servers during the last quarter of 2019. The campaign was named Fox Kitten Campaign.
"This campaign has been running for the last three years and targets dozens of companies and organizations around the world," the company said. security.
"Through this campaign, the attackers managed to gain access and remain for a long time in the networks of numerous companies and organizations in the field of information technology, telecommunications, oil, gas, aviation, government and security ", he added.
The hacking campaign was aimed at gaining valuable information from the target organizations.
According to experts, hackers having access to the target organizations, managed to breach other companies through supply chain attacks.
The Iranians hackers used various tools to infringe on VPN servers. Most were open-source code-based tools. Some of them were created by the hackers themselves.
Iranian APT teams have managed to steal information from dozens of companies worldwide over the last three years.
The most successful attacks have been through exploiting vulnerabilities in systems with non-updated VPN and RDP services. Vulnerabilities allow attackers to gain access to and control of systems where valuable information is stored.
After violating VPN services, the attackers install malware to gain further access to the central corporate network.
Therefore, locating and closing an access point did not necessarily stop hackers from accessing network, because they had arranged to open several "diodes" with backdoors, etc.
ClearSky discovered Iranian teams exploiting VPN vulnerabilities within hours of reporting the bugs.