image credit: Christiaan Colen / Flickr

Cybercriminal greeners from Iran attack companies worldwide for financial gain

August 24, 2020


The attackers used Dharma ransomware and a mix of publicly available tools to target companies in Russia, Japan, China, and India. All the affected organizations had hosts with Internet-facing RDP and weak credentials. The hackers typically demanded a ransom between 1-5 BTC. The newly discovered hacker group suggests that Iran, which has been known as a cradle of state-sponsored APT groups for years, now also accommodates financially motivated cybercriminals.

Read More on Security Affairs