A new Iranian hacking tool, OilRig's Jason, has been leaked on the Telegram messenger app.
In April 2019, another six hacking tools were leaked by researcher Lab Dookhtegan. He had previously leaked six hacking tools belonging to Iranian state hackers on the same Telegram channel.
What does Jason do?
According to security researcher Omri Segev Moyal of Minerva Labs, Jason brute-forces Microsoft Exchange email servers using pre-compiled lists of username and password combos.
Omri said that Jason has been used by Iranian hackers since 2015, so they have been using the tool in their operations for at least four years.
Jason is detected by only a few antivirus engines.
ZDNet reported that the six tools previously leaked in April all belonged to an Iranian cyber-espionage group known under codenames such as APT34, OilRig, or HelixKitten, believed to be composed of members of the Iranian Ministry of Intelligence (MOIS).
OilRig, also known as APT34 and HelixKitten, is a group linked to the Iranian government and is believed to be composed of members of the Iranian Ministry of Intelligence (MOIS). The group has been active since at least 2014 and has targeted a variety of industries, including financial, government, energy, chemical, and telecommunications, with a focus on operations within the Middle East.