From: tom’s guide
By Jill Scharr
A group of Iranian hackers have allegedly been targeting American defense contractors, and attempting to quell dissent in Iran itself, in an elaborate and technically advanced campaign that American security researchers call “Operation Saffron Rose.” The attacks began in October 2013 and continued until at least April 8, according to Milpitas, California-based security company FireEye, which documented the operation in a report released yesterday (May 13).
FireEye suspects that the group behind Saffron Rose is Ajax Security Team, whose members are thought to have conducted politically-motivated website defacements for several years. The group’s “graduation” from vandalism to espionage shows that Iranian actors in the cyber attack space are becoming more sophisticated, FireEye says.
In a report on Saffron Rose, FireEye researchers wrote that Ajax Security Team uses a combination of fake login pages, phishing emails and custom-built malware to steal login credentials and other data. In one attack, the group targeted U.S.-based aerospace companies by creating a fake registration page for the 2014 IEEE Aerospace conference.
Leave a Reply