Iranian hackers are ‘stepping up their attacks’

The US is their prime target, security experts warn.

By Vinod

Iranian hackers are stepping up their cyber attacks on the US, moving from attacking US companies’ websites to conducting spying activities, a report claims.

An Iranian hacking group known as the Ajax Security Team is the first to make its own malicious software as part of espionage campaigns.

The hackers are using software called "Stealer" that is designed to collect data and record keystrokes on computers, grab screenshots and steal information from web browsers and email accounts.

Ajax is responsible for a chain of attacks on US defense companies, said the report by cybersecurity company FireEye.

Recently, Ajax hackers infected computers of companies by sending emails and social media messages to attendees of the IEEE Aerospace Conference and directed them to a fake website called, which was tainted with malicious software, most likely to be Stealer.

Ajax is also targeting those Iranian nationals who are attempting to bypass the country’s Internet censors to access content such as pornography and political opposition sites.

At the Reuters Cybersecurity Summit, Michael Hayden, former director of the CIA and the National Security Agency, said: "I’ve grown to fear a nation state that would never go toe-to-toe with us in conventional combat that now suddenly finds they can arrest our attention with cyberattacks."

Hackers have increased cyber attacks in the wake of the Stuxnet attack which hit Iran’s nuclear facilities in 2010. The virus was believed to be the handiwork of US and Israeli agencies, prompting Iran to ramp up its own cyber programmes.

Earlier, Iran rejected reports by US officials alleging its involvement in attacking several banks in the US, including Bank of America, JPMorgan Chase & Co, Citigroup, Wells Fargo & Co and PNC Financial Services Group.

The hackers employed distributed denial of service (DDoS) attacks, so named because the aim is to deny customers service by directing large volumes of traffic to a site until it collapses. No bank accounts were breached in the attack, though.

The report points out that though Ajax has become more political in its activities, there is no indication yet of a Stuxnet-style attack.

Speaking at the Reuters summit, Leonard Moodispaw, CEO of Maryland cybersecurity company KEYW Holding Corp., said: "They are more interested in IP and taking money than in shutting anybody down."
