Hacktivist attacks surge on U.S. targets after Iran bombings, with groups claiming DDoS hits on military, defense, and financial sectors amid rising tensions.
The U.S. has become a target in the hacktivist attacks that have embroiled several Middle Eastern countries since the start of the Israel-Iran conflict.
Several hacktivist groups have claimed DDoS attacks against U.S. targets in the wake of U.S. airstrikes on Iranian nuclear sites on June 21.
The attacks—most notably from hacktivist groups Mr Hamza, Team 313, Cyber Jihad, and Keymous+—targeted U.S. Air Force domains, major U.S. Aerospace and defense companies, and several banks and financial services companies.
The cyberattacks follow a broader campaign against Israeli targets that began after Israel launched attacks on Iranian nuclear and military targets on June 13. Israel and Iran have exchanged missile and drone strikes since the conflict began, and Iran also launched missiles at a U.S. military base in Qatar on June 23.
The accompanying cyber warfare has included DDoS attacks, data and credential leaks, website defacements, unauthorized access, and significant breaches of Iranian banking and cryptocurrency targets by Israel-linked Predatory Sparrow. Electronic interference with commercial ship navigation systems has also been reported in the Strait of Hormuz and the Persian Gulf.
Open-Source Stealer Widely Abused by Threat Actors
The threat of InfoStealers is widespread and has been frequently employed by various Threat Actors (TA)s to launch attacks and make financial gains. Until now, the primary use of stealers by TAs has been to sell logs or to gain initial entry into a corporate network.