The Greek Navy was hacked by Iranian hackers [EXCLUSIVE]

The Greek Navy was hacked by Iranian hackers Researchers Security IBM recently discovered leaked video online, with hackers showing the techniques they use to hack into accounts and systems of their potential victims.

In the video leaked, top Iranian hackers analyse the attacks they carried out, resulting in hacking into the accounts of people of different backgrounds and from different countries. Among the accounts hacked by Iranian government hackers are members of the Greek Navy.

More generally, in the attacks carried out by the Iranian hackers, email accounts were primary targets, with accounts social media have also been largely violated.
The researchers said that the Iranian hackers follow a meticulous and well-thought-out process, with operators gaining access to every account of a targeted victim, regardless of how important or unimportant their online profile was.

Among the accounts they acquired Accessed at, included, among other things, accounts held by the victims targeted for music - video streaming, delivery, credit reporting, banks, video-games and mobile phone companies.

SecNewsTV

Περισσότερα... Subscribe!

The Iranian hackers went into the settings section of each target account and searched for personal information that may not be included in other online accounts in an attempt to create as complete and representative a profile as possible for each target. IBM did not, however, provide further details on how the hackers obtained the credentials for each victim. Therefore, it is not clear whether they infected the targets with malware or whether they bought their credentials from an "underground" market.

In some of the leaked videos, the Iranian hackers discuss techniques they have used to steal data from their targets. This includes extracting all of the target account's contacts, photos and documents from relevant services cloud storage like Google Drive.

IBM researchers point out that in some cases, operators also accessed Google Takeout to extract information, such as the full content of the Google Account of targets, including location history, information from Chrome and connected Android devices.

The operators then added the victims' email credentials to a Zimbra instance (known mail server software) operated by the Iranian group, which would allow hackers to remotely monitor multiple accounts from a backend panel. Other videos also show the operators engaged in setting up puppet email accounts, which IBM researchers believe hackers are very likely to use for future attacks.

The videos also describe failed attempts to access target accounts, such as the accounts of officials of the Ministry of Foreign Affairs of the USA. The videos where the account compromise attacks have failed are mainly for accounts using two-factor authentication (2FA).

The Iranian hackers who appear to be behind these videos are members of the group "ITG18", better known as Charming Kitten, Phosphorous or APT35. This group has targeted, among others, the military, US financial regulators and US nuclear scientists. This is linked to the fact that these sectors have attracted Iran's interest due to the rising military tensions between the two countries, the economic sanctions imposed on Iran, and Iran's nuclear program.

Until now it is not clear what the number of targeted naval personnel (there are insufficient reports) whose data was taken under the control of the Iranian hackers. Additionally, it is not clear whether the attack involved targeting personal data mining or sensitive data of operational importance to the Iranian government hackers.

The news that among the targets were members of the Greek Navy has caused much concern in the Greek Armed Forces. AWe await the reaction/announcement of the Ministry of Defence, regarding the leaks from foreign pages about the targeting of members of the Greek armed forces by Iranian hackers.

Stay tuned.