Latest in Gear

Image credit: Omar Marques/SOPA Images/LightRocket via Getty Images

US Cyber Command warns of nation-state hackers exploiting Outlook

It hints at possible involvement from Iran.
643 Shares
Share
Tweet
Share
Save

Sponsored Links

Omar Marques/SOPA Images/LightRocket via Getty Images

The recent surge in state-backed hacking campaigns isn't dying down any time soon. US Cyber Command has reported that unnamed state actors are making "active malicious use" of a 2017-era Outlook vulnerability (long since patched) to escape the email client's sandbox and run malware on a target system. While officials didn't say who was involved, some clues have hinted at a possible connection to Iran.

ZDNet noted that a known Iran-backed hacking team, APT33, had used the same vulnerability in December to install back doors on servers and promptly push the flaw to Outlook users. Chronicle Security's Brandon Levene also found that Cyber Command's code samples appeared related to APT33's disk-wiping Shamoon malware. Symantec had also warned of increased activity from the group in recent months.

If it's Iran and not a more familiar perpetrator like Russia, it suggests that political tensions are translating directly to the digital realm. The US is believed to have knocked out Iranian missile and rocket systems with a cyberattack in late June, for instance. Although this Outlook campaign isn't necessarily direct retaliation for the missile effort, it's hard to imagine Iran doing nothing in response.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
643 Shares
Share
Tweet
Share
Save

Popular on Engadget

Engadget's 2019 Back-to-School Guide

Engadget's 2019 Back-to-School Guide

View
Dell's XPS 13 now comes with the latest Intel 10th-gen processors

Dell's XPS 13 now comes with the latest Intel 10th-gen processors

View
Microsoft won't release more Xbox exclusives on rival platforms

Microsoft won't release more Xbox exclusives on rival platforms

View
‘Need for Speed Heat’ isn’t anything like ‘Payback’

‘Need for Speed Heat’ isn’t anything like ‘Payback’

View
The Morning After: About that fourth 'Matrix' movie

The Morning After: About that fourth 'Matrix' movie

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr