Iranian Threat Group Could Be Eyeing Attacks on US Critical Infrastructure
DOJ charged 34 Chinese security officers in fake social media campaign, Hikvision denies disguised gear sale to US, Messaging firms decry UK safety bill, NSO used new iPhone hacks, much, much more
Microsoft reports that an Iranian government-linked hacking group it calls Mint Sandstorm, previously known for its focus on reconnaissance, has shifted to targeting US critical infrastructure, potentially to launch destructive cyberattacks.
Microsoft formerly called the group Phosphorus, and other cybersecurity firms call it Charming Kitten, APT 35, APT 42, and TA453. The change in approach began in 2021 and coincided with cyberattacks on Iran, which Iran blamed on Israel and the United States.
Mint Sandstorm previously targeted dissidents, activists, and the defense industrial base but has recently targeted multiple seaports, transportation, and energy organizations. Microsoft thinks the group could be “pre-positioning” for access to critical infrastructure in the United States.
Security researchers have concluded that Mint Sandstorm is tied to the Islamic Revolutionary Guard Corps (IRGC). Iran has denied carrying out cyberattacks. Microso…
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.