A joint advisory from the U.S. and U.K. warns Russians are using Iranian hacking technology to target governments, military, schools, and scientific organizations of at least 35 countries, mostly in the Middle East, Defense One reported Monday.
The advisory comes from the officials at the U.S. National Security Agency and U.K.'s National Cyber Security Centre, per the report.
The hackers from Turla group are widely believed to be Russian and using Nautilus and Neuron, two hacking tools "very likely" to have originated in Iran, according to Defense One.
Access to systems were initiated by hacking done by Iranian persistent threat groups, but Russia "piggy-backed" the hack to advance their own agendas, according to the advisory.
"The timeline of incidents, and the behavior of Turla in actively scanning for Iranian backdoors, indicates that while Neuron and Nautilus tools were Iranian in origin, Turla was using these tools and accesses independently to further their own intelligence requirements," the advisory read, per Defense One. "Although [Turla] had a significant amount of insight into the Iranian [backdoor shells], they did not have full knowledge of where they were deployed."
"Those behind Neuron or Nautilus were almost certainly not aware of, or complicit with, Turla’s use of their implants," it added.
Russian work then also hacked into Iranian groups, per the report.
"This access gave Turla unprecedented insight into the tactics, techniques and procedures of the Iranian APT, including lists of active victims and credentials for accessing their infrastructure, along with the code needed to build versions of tools such as Neuron for use entirely independently of Iranian [command-and-control] infrastructure," according to the advisory.
© 2023 Newsmax. All rights reserved.