
Malicious actors are trying to bank on increased attention on Iran to peddle old data. However, leaking old data can have consequences, too.
Attackers posted an ad on a popular data leak site, claiming they’re selling sensitive details taken from the Nuclear Power Production and Development (NPPD). This is a crucial organization within the Atomic Energy Organization of Iran (AEOI), which is responsible for managing and developing nuclear power in the country.
According to the post, malicious actors got their hands on a staggering 25 gigabytes’ worth of sensitive data, including employee names, IDs, various documents about Iran’s nuclear power program, and even how much cryptocurrency certain employees own. Calling this data sensitive would be a severe understatement.
However, the Cybernews research team investigated the data sample that the attackers provided, concluding that whoever posted the data could be attempting to scam potential buyers. According to the team, the leak contains data from an older leak that took place around 2019-2020. The post author simply repackaged the old data.
“We see it every day, older leaks reemerge with a new price tag, and there is a demand for that. Data doesn't expire as it can be reused from victim profiling to credential stuffing at scale. Old data will be reused again and again until the last penny is drained from it,” our researchers said.
This means that, at least in theory, attackers could try to reuse information about Iran’s NPPD employees to target them in various phishing attacks or scams. With heightened international tensions and increased focus on Iran’s nuclear program, malicious actors could craft tailor-made attacks.
After the Iran-Israel conflict sparked up earlier this month, hackers on both sides have tried their best to penetrate each other's systems. For example, Iran hijacked home security cameras to obtain knowledge of Israel’s movements in real time, prompting officials to warn the public over a radio broadcast.
Cybersecurity pros noted that the “cyber domain is a primary theater in the Israel-Iran conflict.”