Iranian government-sponsored hackers compromised the network of an unnamed US federal government agency starting in February, stealing passwords on the network and installing software to generate cryptocurrency, Report informs referring to CNN.
Though the hack likely began in February, officials at the Department of Homeland Security responded to the breach in June to clean up the network of the civilian agency, the FBI and DHS’s Cybersecurity and Infrastructure Security Agency (CISA) said in a public advisory.
The hackers exploited a widely known vulnerability that CISA sounded the alarm about in December 2021 and ordered agencies to address.
It’s an example of how it can take months from when a hack occurs to when it is discovered and disclosed. It also could be the latest evidence that Tehran’s hacking teams, which are often government contractors, dabble in self-enrichment schemes. The hackers allegedly used their access to the US government network to install software that produces cryptocurrency - potentially useful revenue for the sanctions-hit citizens of Iran.
The ultimate motive of the alleged Iranian hackers was unclear.