Hacker Revealed Hacking Tools and Operations Carried Out By Iran’s Elite Cyber-Espionage Units
Who: Iran’s elite cyber-espionage units, known as APT34, Oilrig, or HelixKitten.
# of Accounts Breached: 66 victims
What was affected: Username and password combos, internal network server info, and user IPs.
When it happened: April 17, 2019
How it happened: In an incident reminiscent of the Shadow Brokers leak that exposed the NSA’s hacking tools, someone has now published similar hacking tools belonging to one of Iran’s elite cyber-espionage units, known as APT34, Oilrig, or HelixKitten. The tools have been leaked since mid-March on a Telegram channel by an individual using the Lab Dookhtegan pseudonym.
Besides hacking tools, Dookhtegan also published what appears to be data from some of APT34's hacked victims, mostly consisting of username and password combos that appear to have been collected through phishing pages.
Outcome: The data leaked on this Telegram channel is now under analysis by several cyber-security firms. It has also made its way onto other file-sharing sites, such as GitHub.