Iranian Hacking Group Teams Up with Ransomware Gangs to Target US Networks, FBI Warns

According to a new FBI alert, an Iranian state-sponsored hacking group has been collaborating with ransomware gangs to increase the damage inflicted on US targets. Known as Fox Kitten, this group has been infiltrating networks across the US, including those in educational institutions, healthcare providers, financial firms, and local governments, since 2017.
In 2020, Fox Kitten attempted to sell access to compromised US networks on cybercriminal forums. Now, the FBI reports that these Iranian hackers are directly working with ransomware affiliates to carry out encryption operations in exchange for a share of the ransom.
The FBI believes that a substantial portion of the group’s attacks on US organizations is aimed at gaining and developing network access, which is then used in collaboration with ransomware groups to deploy their malicious software. This includes working with gangs like NoEscape, RansomHouse, and ALPHV/BlackCat, the last of which reportedly dissolved after being involved in a cyberattack on Change Healthcare earlier this year.
The FBI’s alert highlights that the Iranian hackers are not just providing access but are actively involved in the ransomware operations, working closely with affiliates to lock down victim networks and devise extortion strategies. The agency also notes that these hackers intentionally obscure their Iranian origins from their ransomware partners.
While the FBI did not provide specific details, it traced the group’s activity back to Iran, partly due to the group’s use of the “Iranian company name Danesh Novin Sahand” as a cover. The motivation behind the collaboration with ransomware gangs is unclear, but it may be a way for the Iranian hackers to finance their operations.