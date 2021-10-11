MS 365

Monday, Microsoft warned its Israeli account holders that an Iran-backed cell was conducting ‘extensive password spraying’ against MS Office users, and compromising targets include maritime shipping firms doing business in Mideast.

In a blog post, Microsoft said it had first identified the hacker cell — nicknamed DEV-0343 — in July.

Among the targets have been “defense companies that support United States, European Union, and Israeli government partners producing military-grade radars, drone technology, satellite systems, and emergency response communication systems.”

“This activity likely supports the national interests of the Islamic Republic of Iran based on pattern-of-life analysis, extensive crossover in geographic and sectoral targeting with Iranian actors, and alignment of techniques and targets with another actor originating in Iran,” the statement said.

“Gaining access to commercial satellite imagery and proprietary shipping plans and logs could help Iran compensate for its developing satellite program,” Microsoft said.

Map

Microsoft said the extensive password sprays used a technique to emulate a Firefox browser and using IPs hosted on a Tor proxy network. The attacks are most active between Sunday and Thursday between 7:30 AM and 8:30 PM Iran Time (04:00:00 and 17:00:00 UTC) with significant drop-offs inactivity before 7:30 AM and after 8:30 PM Iran Time.

Israel official said this year, "It's no secret that if Iran were to near the threshold of achieving a nuclear bomb, it would strike the Shi’ite nation with all the force at its command. The Shi’ite nation is an existential threat to Israel and Jews, and as such, Tel Aviv seeks to neutralize Tehran."

The comment highlights the 'forever war' against the two countries.

Follow me to see more articles like this. ... Follow

This is original content from NewsBreak’s Creator Program. Join today to publish and share your own content.