It has been reported by the Microsoft Intelligence center that malicious password spray attacks which first occurred in July have been attributed to Iranian cybercriminals codenamed DEV-0343, according to the Microsoft Information center.
The term password spray usually refers to a brutal attack in which a cybercriminal uses the same password on multiple accounts, with the goal of locking the account with repeated attempts to gain unauthorized access.
DEV-0343 seeks to target more than 250 Office 365 tenants associated with US, Israeli and EU defense companies, as well as ports and shipping companies in the Persian Gulf. However less than 20 tenants have been successfully hacked.
DEV-0343
These attacks were simulated by DEV-0343 using an emulated Firefox browser and rotated through IPs hosted on a TOR proxy network. This attempt to remain anonymous did not work, because after analyzing the lifestyle and geographical targeting of known Iranian cybercriminals, it became clear that this was the work of this vicious and intrusive regime. At 7:30 a.m. and 8:30 p.m. Iranian time the group targets hundreds of accounts at a time, praying for just one account for weak cyber security measures.
Friends please protect yourself from this criminal group 🙏. Enable 2FA authentication on all your accounts, block all incoming traffic from anonymous services, and make sure all of your Microsoft Exchange access policies are up to date.
When will this regime stop interfering with the rest of the world while the Iranian people are starving? While Internet blackouts occur regularly? How can the Iranian government continue to claim its lack of money while supporting criminal acts like this? 😡
Follow me on Twitter and Instagram: @_0x7c3
#cybercrime #cybersecurity #cybercrime #DEV0343 #PasswordSpray #cyber #attack #Office365 #Microsoft
No comments:
Post a Comment