Latest in Gear

Image credit: Omar Marques/SOPA Images/LightRocket via Getty Images

US Cyber Command warns of nation-state hackers exploiting Outlook

It hints at possible involvement from Iran.
642 Shares
Share
Tweet
Share

Sponsored Links

Omar Marques/SOPA Images/LightRocket via Getty Images

The recent surge in state-backed hacking campaigns isn't dying down any time soon. US Cyber Command has reported that unnamed state actors are making "active malicious use" of a 2017-era Outlook vulnerability (long since patched) to escape the email client's sandbox and run malware on a target system. While officials didn't say who was involved, some clues have hinted at a possible connection to Iran.

ZDNet noted that a known Iran-backed hacking team, APT33, had used the same vulnerability in December to install back doors on servers and promptly push the flaw to Outlook users. Chronicle Security's Brandon Levene also found that Cyber Command's code samples appeared related to APT33's disk-wiping Shamoon malware. Symantec had also warned of increased activity from the group in recent months.

If it's Iran and not a more familiar perpetrator like Russia, it suggests that political tensions are translating directly to the digital realm. The US is believed to have knocked out Iranian missile and rocket systems with a cyberattack in late June, for instance. Although this Outlook campaign isn't necessarily direct retaliation for the missile effort, it's hard to imagine Iran doing nothing in response.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
642 Shares
Share
Tweet
Share

Popular on Engadget

Disney+ non-fiction shows include Mickey, Wolfgang Puck documentaries

Disney+ non-fiction shows include Mickey, Wolfgang Puck documentaries

View
Mercedes app was leaking car owners' data to other users

Mercedes app was leaking car owners' data to other users

View
AT&T hikes TV Now prices by as much as $15 per month

AT&T hikes TV Now prices by as much as $15 per month

View
Samsung won't support Linux on DeX once Android 10 arrives

Samsung won't support Linux on DeX once Android 10 arrives

View
Twitch 'Watch Parties' let streamers watch Prime Video with viewers

Twitch 'Watch Parties' let streamers watch Prime Video with viewers

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr