The U.S. State Department said they were seeking information on Iranian hackers who they accused of targeting critical infrastructure using a strain of malware deployed against industrial control systems.
U.S. officials are offering up to $10 million for details on a hacker affiliated with the group called CyberAv3ngers that gained prominence in 2023 and 2024 for a string of cyberattacks on U.S. and Israeli water utilities.
Law enforcement agencies eventually tied CyberAv3ngers to Iran's Islamic Revolutionary Guard Corps Cyber-Electronic Command, and in August offered a reward for information on at least six Iranian government hackers allegedly behind the effort and placing sanctions on the men.
On Thursday, the State Department issued a new reward centered around an online persona known as Mr. Soul or Mr. Soll. The notice said CyberAv3ngers is associated with the persona and “has launched a series of malicious cyber activities against U.S. critical infrastructure on behalf of Iran's Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC).”
“CyberAv3ngers actors have utilized malware known as IOCONTROL to target [Industrial Control Systems/Supervisory Control and Data Acquisition (ICS/SCADA)] devices used by critical infrastructure sectors in the United States and worldwide,” the State Department said.
The State Department and Cybersecurity and Infrastructure Security Agency did not respond to requests for information about the most recent CyberAv3ngers attacks.
Members of CyberAv3ngers have boasted on Telegram of their attacks and compromises using IOControl.
IOControl is a strain of malware spotlighted by government officials in December 2024 that multiple cybersecurity firms said was being used by Iranian actors to attack Israel- and U.S.-based devices. Experts at Claroty said the malware was used to attack cameras, routers, firewalls and other industrial technology created by popular vendors like Unitronics, D-Link, Hikvision, Baicells and more.
No comments:
Post a Comment