These hackers are hitting victims with ransomware in an attempt to cover their tracks

Iranian hackers are targeting a range of organisations around the world in campaigns that use previously unidentified malware to conduct cyber-espionage actions and steal data from victims – and in some cases, the state-backed attackers are also launching ransomware in a dual effort to embarrass victims and cover their tracks. 

The two separate campaigns have been detailed by cybersecurity researchers at Cybereason, who’ve attributed the activity to an Iranian hacking group they track as Phosphorusalso known as APT35 and Charming Kitten – along with another Iranian-linked cyber operation, dubbed Moses Staff.

ZDNet Recommends

The attacks by Phosphorus have a more ‘traditional’ approach to cyber espionage, in that they’re designed to steal information and conduct operations that run in the interests of Tehran.  

SEE: A winning strategy for cybersecurity (ZDNet special report) 

The group is suspected of being behind multiple espionage campaigns against organisations and individuals in the United States, Europe and the Middle East, as well as attempts to interfere with the US presidential elections.

Now Phosphorus has added a new tool to their arsenal, trojan malware, which researchers have called PowerLess Backdoor, that allows attackers to conduct activity with little chance of being detected.  

Once installed on a

Read More: https://www.zdnet.com/article/these-hackers-are-hitting-victims-with-ransomware-in-an-attempt-to-cover-their-tracks/#ftag=RSSbaffb68