Iranian Hacker Network Linked to Familiar Group?

May 30, 2014 • Chris

News of an Iranian hacker network targeting US government officials made waves yesterday after being uncovered by iSIGHT Partners. Buried deep in Reuters’ report is a password used by the group: parastoo.

Parastoo (پرستو), which is Persian for the bird swallow, is a common female first name. It’s also the name of a familiar Iranian hacktivist group known for leaking data from energy and government organizations in the United States.

We’ve covered Parastoo in the past including the timing of its proclaimed attacks compared to other Iranian hackers as well as an evaluation of its targeting and threats.

Iran Cyber Teams Timeline

Click image for larger view

The first public statements by the hacktivist group Parastoo emerged during late 2012, which is some time after the 2011 start of the recently reported campaign iSIGHT is calling NEWSCASTER.

After iSIGHT exposure of NewsOnAir.org as a false front, more reporters and security researchers are digging in and adding to the collective intelligence around NEWSCASTER. (Wired and La Croix for example).

Using Recorded Future, analysts and defenders can track reporting linked to disclosed campaign infrastructure and pseudonyms (Sara McKibben, Adia Mitchell, Joseph Nillson, etc.) for new insights into the social engineering methods in play.

New call-to-action

Related Posts

How Our Partnership With ServiceNow Makes Vulnerabilities Manageable

How Our Partnership With ServiceNow Makes Vulnerabilities Manageable

April 1, 2020 • The Recorded Future Team

When it comes to vulnerability management, security teams have been struggling for years to...

Remote Threats to Remote Employees: How Working From Home Increases the Attack Surface

Remote Threats to Remote Employees: How Working From Home Increases the Attack Surface

March 26, 2020 • Allan Liska

In response to the COVID-19 pandemic, many organizations have shifted to working from home for the...

Security Intelligence in ServiceNow: How to Evaluate Third-Party Risk and Keep Business in Business

Security Intelligence in ServiceNow: How to Evaluate Third-Party Risk and Keep Business in Business

March 25, 2020 • The Recorded Future Team

Recent high-profile breaches — such as the 2019 data breach that left 540 million Facebook...