Researchers with cybersecurity company SentinelOne reconstructed the recent cyberattack on Iran's train system in a new report, uncovering a new threat actor -- which they named 'MeteorExpresss' -- and a never-before-seen wiper.
On July 9, news outlets began reporting on a cyberattack targeting the Iranian train system, with hackers defacing display screens in train stations by asking passengers to call '64411', the phone number of Iranian Supreme Leader Khamenei's office.
Train services were disrupted and just one day later, hackers took down the website of Iran's transport ministry. According to Reuters, the ministry's portal and sub-portal sites went down after the attack targeted computers at the Ministry of Roads and Urban Development.
In his examination, SentinelOne principal threat analyst Juan Andres Guerrero-Saade explained that the people behind the attack called the never-before-seen wiper 'Meteor' and developed it in the last three years.
View Full Article
No entries found