Cybersecurity company Resecurity claims that hackers belonging to the IRIDIUM group that has been linked to Iran have stolen 6 terabytes of valuable corporate data from software vendor Citrix. According to Resecurity, the attack took place over Christmas last year as “part of a sophisticated cyber-espionage campaign supported by nation state due to strong targeting on government, military-industrial complex, energy companies, financial institutions and large enterprises involved in critical areas of economy.”
The security firm suspects that the attackers obtained access to the Citrix network through “password spraying,” a technique that exploits the use of weak passwords. The stolen data included “e-mail correspondence, files in network shares and other services used for project management and procurement.”
Read more: Iranian Group Stole 6TBs of data from Citrix