State-Sponsored Successor to “Project Signal” Ransomware Campaign Discovered

Iranian state-sponsored attackers have been linked to a variety of cyberespionage activities aimed at organizations all over the world. Flashpoint security experts recently discovered another ransomware strain from Iran, that has been operating since July 2020.

According to Flashpoint, Iran’s Islamic Revolutionary Guard Corps (IRGC) was running a ransomware campaign through Emen Net Pasargard, an Iranian contracting firm (ENP). The ransomware campaign known as “Project Signal” is thought to have started between late July and early September 2020, with ENP’s internal analysis team putting together a list of unspecified target websites. 

“Iran has a history of attempting to use cybercriminal TTPs to blend in with non-state-sponsored malicious cyber activity to avoid attribution and maintain plausible deniability. It’s largely assumed that Iran has been behi… (read more)

This post has been read 16 times!

0 0 votes
Article Rating
Like Love Haha Wow Sad Angry
Not Optional
Inline Feedbacks
View all comments