An exclusive report from Wired.com revealed a video of Iranian hackers trying to teach their unexperienced hackers how to do the job right. Unfortunately, they did not know that the video was taken alongside their said stolen data from companies for the Iranians. If you're interested in how to hack, IBM assures you won't get a hold of this video. But they explained how they did it.
How to hack accounts?
Hacking is a very dangerous act to do. Aside from its legal violations, hacking itself may not be the best option to do amid the pandemic, especially if your videos of teaching 'how to do it' were found by the IBM security.
Wired reported on Thursday, July 16, about an interesting find on the set of an exposed private virtual cloud server by IBM researchers. They discovered roughly five hours of a 'how to hack' video, straight from the Iranian hackers themselves.
"When we talk about observing hands-on activity, it's usually from incident response engagements or endpoint monitoring tools. Very rarely do we actually see the adversary on their own desktop. It's a whole other level of 'hands-on-keyboard' observation," said the agency.
Among the 40 gigabytes of data that the hackers seemed stolen from unknown victims, a set of video was found. Here's the thing: IBM won't let you have the video.
To not promote hacking on social media platforms, the agency chose not to release the said video for the protection of everyone on the Internet. However, here's how they do it, according to their description.
Iranian hackers target your Gmail or Yahoo accounts
Based on the two videos that IBM showed to Wired, hackers let a sample video teach to their junior hackers. IBM watched a somehow 'tutorial' video of how to hack a compromised Gmail or Yahoo account.
In one video, a hacker was seen playing on a compromised Gmail account on the screen. He then linked it to the email software called Zimbra. Using this software, he was able to download all the account's entire messages to the hacker's email. To prevent suspicion, the hacker quickly deleted the Gmail alert, which says the account was compromised.
The next thing on the video shows hackers downloading all the victim's contacts and photos from their Google account. The second video shows how to do it on a Yahoo mail.
Though its a thrilling video, IBM was actually amazed at how the hackers were able to decipher the codes on the email-- within a very limited time.
"To see how adept they are at going in and out of all these different webmail accounts and setting them up to exfiltrate, it is just amazing," says Wikoff. "It's a well-oiled machine."
U.S. Departments were among their targets
Along with the leaked data, Forbes also reported that IBM discovered another thing about the Iranian hackers: They are trying to compromise members' accounts in the United States departments.
Evidence of failed phishing attempts was seen on the discovered files. And it's interesting how deep are their access with the government officials' accounts.
