  • Eastern Tales: Peach Sandstorm and the Art of Digital Intelligence

    Iranian hackers are casting doubt in the minds of important organizations all over the world.

    Password guessing attacks by the APT33 group, also known as Peach Sandstorm, Holmium, Elfin, and Magic Hound, have been uncovered by Microsoft researchers. The aerospace, defense, and pharmaceutical industries are the main targets.

    Since 2013, the APT33 group has been well-known. At first, it went after energy firms involved in the manufacture of petrochemical products and the aviation sector. Although there were incidents in the United States, South Korea, and Europe as well, the Middle East accounted for the vast majority of victims.

    Hackers attacked tens of thousands of organizations worldwide between February and July 2023. According to the report, Microsoft predicts that intelligence serving Iranian interests will likely be gathered during the initial access phase.

    The attack was executed using the "password spraying" technique, in which the same password combination is tried against a large number of accounts. This method avoids the automatic account blocking that typically takes place after several failed password entry attempts on a single account. After a successful authentication, the attackers used a variety of tools to scour compromised systems for valuable information.

    The use of specific "go-http-client" user agents and anonymous TOR IP addresses was a crucial aspect of the campaign because it made it more challenging to locate and apprehend offenders.
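
    A defender-side sketch of how the pattern described above shows up in sign-in logs, added here as an example and not taken from the Microsoft report. It groups failed sign-ins by user agent instead of source IP and flags an agent that fails only once or twice against many accounts; the log format, thresholds and sample records are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed records (timestamp, account, source IP, user agent, result).
SAMPLE_LOG = """\
2023-05-02T08:00:05Z alice@example.com 192.0.2.10 Go-http-client/1.1 FAIL
2023-05-02T08:01:10Z bob@example.com 192.0.2.44 Go-http-client/1.1 FAIL
2023-05-02T08:02:15Z carol@example.com 198.51.100.7 Go-http-client/1.1 FAIL
2023-05-02T08:03:00Z dave@example.com 203.0.113.5 Mozilla/5.0 FAIL
2023-05-02T08:03:20Z dave@example.com 203.0.113.5 Mozilla/5.0 FAIL
2023-05-02T08:03:40Z dave@example.com 203.0.113.5 Mozilla/5.0 OK
2023-05-02T08:04:20Z erin@example.com 198.51.100.23 Go-http-client/1.1 FAIL
2023-05-02T08:05:25Z frank@example.com 192.0.2.10 Go-http-client/1.1 OK
2023-05-02T08:06:30Z grace@example.com 192.0.2.44 Go-http-client/1.1 FAIL
2023-05-02T08:07:35Z heidi@example.com 198.51.100.7 Go-http-client/1.1 FAIL
"""

def parse(log):
    for line in log.splitlines():
        ts, user, ip, agent, result = line.split()
        yield datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S%z"), user, ip, agent.lower(), result

def detect_spray(log, window=timedelta(minutes=30), min_accounts=5, max_fails=2):
    """Flag a user agent that fails against many accounts, few tries each."""
    groups = defaultdict(list)
    for ts, user, ip, agent, result in parse(log):
        # Key on user agent and time bucket, not source IP: the cluster must
        # survive the source rotating through anonymising exit nodes.
        bucket = int(ts.timestamp() // window.total_seconds())
        groups[(agent, bucket)].append((user, ip, result))
    findings = []
    for (agent, _), events in groups.items():
        fails = defaultdict(int)
        for user, _, result in events:
            if result == "FAIL":
                fails[user] += 1
        # Many accounts, each staying under a typical lockout threshold.
        if len(fails) >= min_accounts and max(fails.values()) <= max_fails:
            findings.append({
                "agent": agent,
                "accounts_failed": len(fails),
                "source_ips": sorted({ip for _, ip, _ in events}),
                # A success in the same cluster is an account to reset first.
                "succeeded": sorted({u for u, _, r in events if r == "OK"}),
            })
    return findings

if __name__ == "__main__":
    print(detect_spray(SAMPLE_LOG))
```

    The single user who mistypes a password twice and then signs in is not flagged, because only one account is involved.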

    The hackers performed reconnaissance of Microsoft Entra ID (previously Azure Active Directory) using AzureHound and ROADtools.

    On the compromised device, the Azure Arc client was installed, and it was linked to a Peach Sandstorm-managed Azure subscription. You can use Azure Arc to remotely monitor hardware on your company's local network.

    The group also attempted to gain access to systems by utilizing vulnerabilities in the Zoho ManageEngine (CVE-2022-47966) and Atlassian Confluence (CVE-2022-26134) products.

    Author DeepWeb