We know that hacking is prevalent all around the world but the most amount of hacking attacks take place from hackers located in China, Russia, North Korea or parts of the world where the governments are also sponsoring the attacks. Now, we don’t claim that all of the hackers are state-sponsored from here but there is a significant portion of them who are backed by the state. Now, we have a new report of hackers from Iran who are targeting some networking devices in the US. As far as Iranian hackers are concerned, they are also very powerful and high in number but they go under the radar a lot.
FBI’s alert message says that “A group of elite hackers associated with the Iranian government has been detected attacking the US private and government sector” and it is also believed that this hacker group is known as “Fox Kitten” or “Parasite” as mentioned in the “Private Industry Notification” alert. One insider also says that this group of Iranian hackers is their “spear tip” and that their main task is “to provide an “initial beachhead” to other Iranian hacking groups — such as APT33 (Shamoon), Oilrig (APT34), or Chafer.
Talking about the alert and why it has been sent, the FBI has tracked that the said Iranian group is targeting the F5 networking devices in the US. Their modus operandi is to “gain access to a device, install a web shell or backdoor, and then transform the equipment into a gateway into the hacked network”.
It is known that F5 networking devices are very high-end and some exploits are being used on those devices to get inside them otherwise it is not easy. Also known is that targets primarily include large private corporations and government networks which is dangerous because of the threat to state secrets.