In April, a hacker group that goes online by the name Lab Dookhtegan disclosed details about operations conducted by the Iran-linked cyber-espionage group tracked as
Now the group released a tool that was allegedly used by OilRig “for hacking emails and stealing information.”
OilRig is an Iran-linked APT group that has been around since at least 2014. It has mainly targeted organizations in the financial, government, energy, telecoms and chemical sectors in the United States and Middle Eastern countries.
The new tool, dubbed Jason, could be used to hijack Microsoft Exchange email accounts, and it currently has a detection rate of 0 on VirusTotal.
The Jason email hijacking tool is used by threat actors to carry out brute-force attacks using a dictionary of password samples and four text files containing numerical patterns.
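For defenders, the brute-force approach described above means that mailbox passwords built from a common word plus a predictable number are the ones most exposed. The following is an added example, not code from the article or from the leaked tool: a check a password-change workflow could run on a candidate password. The word list and the numeric shapes (years, repeated digits, runs) are assumptions, since the article does not list the tool's actual patterns.

```python
import re

# Constructed sample words; a real audit would load the organisation's own
# banned-word list (company name, seasons, common dictionary words).
BASE_WORDS = {"password", "welcome", "summer", "winter", "exchange", "admin"}

# Common character substitutions undone before the dictionary lookup.
LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "0": "o",
                      "1": "i", "$": "s", "5": "s"})

ASCENDING = "01234567890"
DESCENDING = ASCENDING[::-1]


def is_numeric_pattern(digits: str) -> bool:
    """Assumed predictable suffix shapes: a year, a repeated digit, a run."""
    if not digits.isdigit():
        return False
    if len(digits) == 4 and 1950 <= int(digits) <= 2039:
        return True                      # e.g. 2019
    if len(set(digits)) == 1:
        return True                      # e.g. 1, 00, 7777
    return digits in ASCENDING or digits in DESCENDING   # e.g. 123, 4321


def is_guessable(candidate: str) -> bool:
    """True if candidate is a listed word, optionally followed by a numeric
    pattern and trailing symbols added only to satisfy complexity rules."""
    core = candidate.rstrip("!@#$%*.?")
    tail = re.search(r"\d+$", core)
    if tail is None:
        return core.lower().translate(LEET) in BASE_WORDS
    # Try every split inside the trailing digit run, because a digit may
    # belong to the word as a substitution rather than to the suffix.
    for i in range(tail.start(), len(core)):
        word = core[:i].lower().translate(LEET)
        if word in BASE_WORDS and is_numeric_pattern(core[i:]):
            return True
    return False


def audit(candidates):
    """Return the candidates that should be rejected at change time."""
    return [c for c in candidates if is_guessable(c)]
```

Run it against the candidate at password-change time, when the plaintext is legitimately available, and never against stored credentials.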
According to VirusTotal, the sample was compiled in 2015, and at the time of writing it is detected by only 7 out of 71 antivirus solutions.
The leak of the hacking tools allowed security firms to analyze them and implement rules for their detection.
On the other hand, hackers could use these tools to carry out attacks, making attribution harder.
You can find further info on the Jason tool in a blog post published by Omri Segev Moyal, co-founder of Minerva Labs.
(SecurityAffairs – OilRig, Jason email hijacking tool)