Iran-linked hackers exploiting Microsoft Outlook bug: US

By IANS | Published: July 03, 2019 11:08 AM

Within two weeks of covertly launching a cyber attack against an Iranian intelligence group's computer systems that control rocket and missile launches, the US Cyber Command on Wednesday issued an unprecedented warning, saying it has discovered the "active malicious use" of a Microsoft Outlook vulnerability linked to Iran.

The vulnerability is a security bug that Microsoft patched in Outlook in 2017 but several unpatched computers are still at risk.

In a tweet, US Cyber Command said: "USCYBERCOM has discovered active malicious use of 'CVE-2017-11774' and recommends immediate #patching."

According to a ZDNet report, the bug CVE-2017-11774, first discovered by SensePost researchers, had been "weaponized by an Iranian state-sponsored hacking group known as APT33 (or Elfin), primarily known for developing the Shamoon disk-wiping malware", another hacking tool developed by the APT33 group.

The Outlook bug allows a threat actor to escape from the Outlook sandbox and run malicious code on the underlying operating system.

"In December 2018, APT33 hackers were using the vulnerability to deploy backdoors on web servers, which they were later using to push the CVE-2017-11774 exploit to users' inboxes, so they can infect their systems with malware," said the report.

Cyber security firm FireEye has also reported extensively on Iran-linked APT33.

"Over the past few years, we have been tracking a separate, less widely known suspected Iranian group with potential destructive capabilities, whom we call APT33," FireEye said recently.

The analysis reveals that APT33 is a capable group that has carried out cyber espionage operations since at least 2013 "at the behest of the Iranian government".

APT33 has targeted organisations spanning multiple industries headquartered in the US, Saudi Arabia and South Korea.

The possible Iran-linked attack comes in the wake of the US cyberattack last month that targeted computer systems used to control missile and rocket launches for potential disruption.

The strikes, approved by US President Donald Trump, were carried out by US Cyber Command in coordination with US Central Command.

The attack came during the peak of tensions this week between the US and Iran over a series of incidents across the Middle East, including Tehran's shooting down of an American reconnaissance drone.

It also came as US fears have grown that Iran may seek to lash out with cyberattacks of its own, as multiple cybersecurity firms said they had already seen signs Tehran is targeting relevant computer networks for intrusion and appeared particularly focused on the US government and the American energy sector, including oil and gas providers.

(With inputs from IANS)
