CyberAv3ngers: The Iranian Saboteurs Hacking Water and Gas Systems Worldwide

The initial wave of both the real and fictional Cyberav3gers was part of a tact with a highly aggressive hacker group, which works on behalf of both real and fabricated, Israeli military or intelligence agencies. This group of rival, It is known as a predatory sparrowWhile reading behind a hacktivist front, Iran has repeatedly targeted critical infrastructure systems. In 2021, more than 4,000 Iranian gas stations have been disabled across the country. Then, in 2022, perhaps the most destructive cyberhack in history set up a steel mill. The missile campaign of the hacking campaign dated 2023 dated 2023, the missile, a predatory sparrow in December of the Iranian supported Houthi rebels and revolted the gas stations in the same year by demolishing the gas stations in the same year.

“Khamenei!” The prey sparrow, in the Persian, referring to Iran’s leader in the X. “We will react to bad provocations in the region.”

The attacks of the prey sparrow were strongly focused on Iran. However, Cyberav3gers are not limited to Israeli targets or even Israeli devices used in other countries. In April and May last year, Dragos says the group refused to name the US oil and gas company-dragos company Sophosu and Fortinet security devices. Dragos scanned the Internet for venue control system facilities, as well as in the months he watched, as well as visiting the websites of manufacturers of manufacturers of these devices.

After the end of the end of 2023 US Treasury Six IRGC officials sanctioned Saying the group and the State Department gave the head of $ 10 million in favor. But far from preventing, Cyberav3ngers showed signs of becoming more common instead of this.

Last December, claroty obvious This cyberav3ngers, using an advanced malicious program, has been infected with a wide range of industrial management systems and Internet devices (IOT). The tool that calls Claroty Iocontrol was a Linux-based rear door that hides a protocol known as the MCA, known as MCA. Routers have been planted in camera to industrial control systems. Dragos said the United States has found devices from Australia from the United States to Europe.

According to Claroty and Dragos, the FTB controls the team and control server for Iocontrol with the December Report of the Narrow, which neutralized the harmful program. (FBI did not respond to a string request for comment on the operation.) However, Cyberav3ngers’ hacking campaign, according to the group, according to the group for Claroty, shows a dangerous evolution in the group’s tactics and motifs.

“We are moving from the world of opportunistic aggressors, cyberav3gers, which spread a message to a constantly danger of danger of all targets,” Muse says. In the Iocontrol hacking campaign, he added: “They wanted to infect themselves and only to leave their harmful programs as an option for the future.”

When the Iranian government can win a geopolitical advantage of a widespread digital violation, the group can expect the most strategic highlight. However, the group’s actions already show that he does not want to send a message to the protest against Israeli military actions. Instead, Moshe is controvers, trying to gain the ability to break the foreign infrastructure.

“This is like a red button on his desk. In a moment, they want to be able to attack many different segments, many different areas, many different organizations,” he says. “And they do not go.”