Iranian Cybercriminals Suspected in Global DNS Hijacking Campaign

Cybersecurity firm FireEye said this week that it identified a sophisticated hacking campaign intercepting traffic from companies all over their globe to their own servers for the purposes of stealing company credentials for future attacks.

 

FireEye said instead of spear-phishing employees in the target organization, the hacking group modified DNS records for company IT resources to reshape internet traffic inside organizations and hijack the parts they wanted.

 

The attackers behind the campaign are thought to be state-backed Iranian hackers, and while the entities being targeted have no financial value, they are still of interest to the Iranian government.

 

Source: ZDNet