Iran’s second-largest mobile operator, Irancell, had the data of nearly 20 million of its customers leaked online, the biggest data breach known in Iran’s history. The information was leaked by a bot known as MTN Pro Bot on Telegram, a messaging app that is used extensively by Iranians. The personal information that was obtained included full name, landline phone number, national code, city, address and postal code.
A few days after the leak was discovered, a 19-year-old computer student was arrested. The bot was banned and removed by the Ministry of Information and Communications Technology of Iran.
Cybersecurity researchers at SentinelOne discovered a piece of malware, Furtim’s Parent, that is targeting energy grid systems. Specifically, Furtim’s Parent is a dropper, which is a program designed to download and install additional malware. Its purpose is to prepare the field for additional tasks: remain undetected, gain privileges, and disable any existing security protection.
Due to the malware’s sophisticated and detailed nature, the researchers believe it was developed by a team of hackers working for a government, most likely from Eastern Europe.
References: Stealthy cyberespionage malware targets energy companies | Sophisticated Malware Found on the Network of a European Energy Company | Furtim's Parent, Stuxnet-like Malware, Aimed at Energy Firms
*IP addresses provided by Recorded Future.