It has been reported that International Committee for Red Cross ICRC has been hacked and that Iran were behind it.
ICRC went public on January 19th 2022 stating that their servers had been hacked and that personal records of over half a million people who are receiving aid from Red Cross has been affected. These extremely venerable people are all linked to the restoring family links section of Red Cross but Iranian regime has prove it doesn't care about human rights anyway.
The Hack itself occurred on November 9th 2021 using CVE-2021-40539 vulnerability on ADSelfService plus. When ICRC went public with this news in January a cyber actor called Sheriff went onto Raid Forums and tried to sell the leaked dataset. The Email account used for Sheriff to register to Raid Forums was kelvinmiddelkoop@hotmail.com which was named in court documents linked to an Iranian disinformation media campaign which proves regime guilt.
Sheriff also seemed to suggest that a ransom attempt had been made to ICRC stating that Mr. Mardini, your words have been heard. Check your email and send a figure you can pay. Mr. Mardini is General of ICRC. ICRC states that they have never had any contact with people who hacker their servers.
Sheriff also is trying to buy Penetration Testing tool Cobalt Strike offering $3000 for a cracked version. Sheriff was referred to Raid Forums by Pompompurin who says I know who sheriff is but im not saying anything.
It is evident that not only do this cruel and Evil regime like to prey on people who are desperate and vulnerable but that they also want to hack even more people by getting Cobalt Strike. Please my friends ensure that all your software is patched and up to date.
No comments:
Post a Comment