Oil be damned: Iran-based crooks flinging malware at Middle Eastern energy plants again – research

ZeroCleare wipes up where Shamoon left off


An Iran-based hacking crew long known to target energy facilities in neighboring Middle Eastern countries is believed to be launching new attacks.


The team at IBM's X-Force said an actively spreading malware package dubbed ZeroCleare looks to be in part the work of APT34, a hacking crew commonly accepted to be operating out of Iran.


According to researchers, APT34 and another crew from Iran have been using poisoned VPN nodes to get onto machines located at energy facilities in the region. In at least one case so far, they were successful.


"The attack timeline may have begun as early as Autumn of 2018 with reconnaissance scanning from various low-cost/free VPN providers and gaining ..
