Iran’s national hacker arsenal was leaked on a Telegram channel

A Telegram channel, Lab Dookhtegan, announced a new hacking tool in the Iranian national hacker arsenal. The new Iranian hacking tool, called Jason, is used to brute-forcing attack to Microsoft’s email server.

The tool seems to be a relatively simple exchange brute force automation. pic.twitter.com/Eb4e7XER8w

— Omri Segev Moyal (@GelosSnake) June 3, 2019

According to security researcher Omri Segev Moyal, the Jason tool is a GUI utility that can use a pre-compiled list of usernames and passwords to brute force Microsoft Exchange email servers. Moyal said that the tool was compiled as early as 2015, and Iranian hackers have been using it for at least four years.

In April of this year, the same person published the source code of six Iranian hacking tools, the information of victims who were hacked in the past, and the true identity of Iranian government hackers. The six leaked tools belong to the Iranian cyberespionage organization code-named APT34 (also known as Oilrig or Helix Kitten), which is believed to be composed of members of the Iranian intelligence service.

Lab Dookhtegan has been monitoring Iranian intelligence personnel since April, sharing the real names, social media materials, phone numbers or personal photos of intelligence personnel online almost every day. At first, it was thought that Lab Dookhtegan was an insider of Iranian intelligence, but there is now new speculation that foreign intelligence agencies may want to expose Iranian hackers to disrupt the national network.

Source: ZDNet