Is Russia Helping Iran to Hack US Military Contractors?

Iran Focus 

London, 16 May - In April, US computer security experts had to combat a threat from a gang of hackers, believed to be Iranian, who were trying to hack into the network of a military contractor.

Had the hackers been successful, it could have been a major problem for US national security, but luckily, the defenders managed to block them at every turn.

The defenders believe that Russia may have been involved in this hacking attempt, as the Iranian hackers were using a toolset that belonged to a Russian mercenary hacker who attacked Ukraine in 2015 and shut down parts of the country’s power grid.

Carl Wright, an executive at TrapX, the Silicon Valley security firm that thwarted the hackers last month, said: “This is the very first time we’ve catalogued an attack where Iranian hackers are working with Russian hackers-for-hire.”

TrapX cannot name the victim of the attack due to confidentiality agreements.

Tom Kellermann, a computer security expert who previously served as the chief cybersecurity officer at Trend Micro, the Tokyo-based security giant, and was a member of a commission advising the Obama administration on online security, said that this Iran-Russia hacking partnership was “historic”.

He said: “Iranian hackers have dramatically increased their cyber weaponry and tactical proficiency as a result.”

The Iranian hackers, known as OilRig, have previously hacked oil companies in Saudi Arabia and Israel, before targeting military, financial and energy companies in Europe and the US.

However, security experts have dismissed the Iranian hackers as the “B-Team”, arguing that they are not as advanced as Chinese, Russian or Eastern European hackers.

Moshe Ben-Simon, vice president of TrapX Labs, the company’s research arm, noted that 70% of the code used in April’s attack was identical to that used by OilRig in the past, but the final stage was completely different.

He said: “It was a departure from anything they’ve done in over 200 documented attacks.”

He noted that it took weeks to crack the tool and extract information.

Other security experts note that it is possible that the Iranian hackers took the Russian hacking tool without permission and customised it.

TrapX rebuts this though, noting that several of the web domains were registered to a Russian alias and three of the emails are still being used in Russian hacking forums and on the Dark Web.

Wright also notes that the hacker has been renting out services on the Dark Web.


