Group of unskilled Iranian hackers behind recent attacks with Dharma ransomware
New research from the security firm Group-IB reveals that low-skilled Iranian hackers were behind a series of attacks against Asian companies using the Dharma ransomware. In a recent campaign, the hackers went after targets in countries such as Russia, China, Japan, and India. In a report published today, Group-IB claims that the hackers are inexperienced and lack sophistication.
The group used only publicly available hacking tools, either found on open-source platforms such as GitHub or downloaded from hacking channels on Telegram, including NLBrute, Port Scanner, Your Uninstaller, and others. According to researchers, this means that the group either cannot afford to purchase private, advanced hacking tools or is incapable of developing its own. However, it also means that inexperienced threat actors with limited access can carry out large-scale attack attempts against foreign targets with few resources.