Where is Manticore hiding? In digital networks of Middle Eastern organizations.
<blockquote data-quote="Brianwill" data-source="post: 730" data-attributes="member: 15"><p>The Scarred Manticore group operating in the interests of Iran has significantly improved its methods.</p><p></p><p>Check Point specialists, in collaboration with Sygnia, released information about the activities of an Iranian cybercriminal group called Scarred Manticore. It is noted that the group, associated with the Ministry of Intelligence and Security of Iran, over the past year carried out covert espionage operations in the Middle East using a framework for creating malicious programs under the code name LIONTAIL.</p><p></p><p>Scarred Manticore focuses on the sectors of government, military, telecommunications, information technology, finance and non-governmental organizations in the region, which demonstrates the targeted search and collection of valuable data.</p><p></p><p>According to the researchers, the group's tactics have evolved significantly recently: from simple attacks through web shells on Windows servers, the group has moved to using an advanced framework with a powerful set of tools that includes both proprietary and freely distributed components. This indicates an increase in the level of cyber capabilities of Scarred Manticore hackers.</p><p></p><p>The LIONTAIL framework uses custom loaders and memory-resident shellcodes that exploit undocumented functions of the HTTP.sys driver, which allows Scarred Manticore operations to remain invisible in legitimate network traffic.</p><p></p><p>In addition to espionage, the group's activities can be traced to involvement in destructive attacks sponsored by MOIS against the infrastructure of the Albanian government. Long-term monitoring of the activities of Scarred Manticore indicates the desire of hackers to obtain and extract confidential data.</p><p></p><p>Concluding the report, the experts emphasize that Scarred Manticore's operations are likely to continue, expanding to other regions and targets consistent with Iran's long-term interests. Meanwhile, the complexity of detecting the LIONTAIL framework, which avoids standard monitoring methods, poses serious challenges for specialists.</p><p></p><p>National cybercrime associations continue to evolve, emphasizing the need for vigilance and enhanced cybersecurity measures to protect organizations from increasingly sophisticated and persistent attacker tactics.</p></blockquote><p></p>