Hacking the hackers: a Russian group has hijacked Iranian intelligence operation, officials say

LONDON (Reuters) – Russian hackers from piggy-backing on an Iranian cyber-espionage operation has to fall on the government and industry bodies in many countries, while in disguise as the aggressors of the Islamic Republic, the united kingdom and united states officials said on Tuesday.

FILE IMAGE: A man types on a computer keyboard, a computer in Warsaw in this February 28, 2013 illustration file picture. Kacper Pempel//File Photo

The Russian group, which is also known as “Turla,” and accused the Estonian and the Czech authorities, acting on behalf of the Russian security service, the FSB, has used Iranian instruments, and computer infrastructure in order to successfully hack into organizations, in at least 20 countries over the past 18 months, British security officials have said.

The connection of the campaign, the scale of which has never been revealed, has been the most active in the Middle East, but also in the targeted organisations, in the Uk, ” she said.

Paul, Chichester, and a senior official in the british intelligence agency GCHQ, has said that the operation shows the state-backed hackers are to work in a “very crowded space” and the development of new attacks and methods to better cover their tracks.

In a statement, following a joint recommendation by the US National Security Agency (NSA), GCHQ and the National Cyber Security Centre, said it wanted to raise industry awareness of the activity and to make the attacks more and more difficult for their opponents.

“We want to send a clear message that even though for cyber-actors are trying to mask their own identity, in our capabilities, and ultimately will be able to tell the difference,” said Chichester, of which the NCSC serves as director of operations.

The government officials in Russia and Iran, and will not immediately respond to requests for comment sent out on a Sunday morning. Moscow and Tehran have repeatedly denied the Western accusations of hacking.


Western officials, from the rank of Russia and Iran, as well as two of the most dangerous threats in the wild, in addition to China and North Korea, the two governments have been accused of the hacking operations in countries all over the world.

Intelligence officials said there was no evidence of collusion between Turla and Iran, the victim of a hacking group known as “the APT34” that cyber security researchers at the firms, including FireEye FEYE.Oh it says it works for the Iranian government.

On the contrary, the Russian hackers have infiltrated from the Iranian group’s infrastructure in order to masquerade as an opponent of the victims, it would be expected to target them,” said the GCHQ has been in Chichester.

Turla actions demonstrate the dangers of falsely attributing cyber attacks, British officials said they were not aware of a public incident that was mistakenly, on the role of Iran as a result of the Russian operations.

In the United States and its Western allies have used it as a foreign cyber-attack in order to have their own intelligence operations, a practice referred to as “fourth party collection,” according to documents released by former US intelligence contractor Edward Snowden and a report in the German magazine “Der Spiegel”.

GCHQ declined to comment on the Western business.

By gaining access to Iran’s infrastructure, Turla in order to be able to APT34 the “command and control” systems have to implement their own malicious code, the GCHQ and the NSA, said in a public advisory.

The Russian group was also able to gain access to the networks of the existing APT34 of the victims, and even to have access to the code, which is required for the construction of its own ‘Islamic’ hacking-tools.

– Additional reporting by Vladimir Soldatkin in Moscow, Babak Dehghanpisheh in Geneva; Editing by Frances Kerry

Follow us

Don't be shy, get in touch. We love meeting interesting people and making new friends.

Most popular