Iranian hackers have targeted organizations across countries like China, India, Japan, and Russia. The hackers are “newbie” and use low-scale sophistication tools and measures to launch the attacks. They attempted to encrypt the target organizations’ networks via Dharma ransomware. The hackers have used tools and hacking-tech, which is available on Telegram or openly-sourced on GitHub.
The list of tech used includes Defender Control, Your Uninstaller, Masscan, Advanced PortScanner, and NLBrute. Researchers say that the group is either incapable of developing their hacking tech or lacks the monetary backing needed to gain access and other hacking requirements.
Source: Zdnet