It asks to open a link to revise an agreement. It lands to a website that simulates the victim’s organization homepage, in which the user has only to digit the password.
Microsoft: Iranian hackers increase attacks on IT services companies. The aim is to steal credentials belonging to downstream customer networks. India, Israel, UAE are the most hit targets
Iranian state-sponsored hackers are increasing attacks against IT services companies. The aim is to steal sign-in credentials belonging to downstream customer networks to enable further attacks. It has been denounced by Microsoft cybersecurity experts. This activity is notable because targeting third parties has the potential to exploit more sensitive organizations by taking advantage of trust and access in a supply chain. To date this year, researchers issued more than 1,600 notifications to over 40 IT companies in response to Iranian targeting, compared to 48 notifications in 2020, making this a significant increase from years past. The focus of several threat groups on the IT sector particularly spiked in the last six months – roughly 10-13%. Most of the targeting is focused on IT services companies based in India, as well as in Israel and United Arab Emirates (UAE).