Iranian Hackers using Spoofed Emails to Steal Election Data

Some Iranian state-sponsored hacking groups have been attempting to steal voter registration data from various election sites in the U.S. The FBI has shared details about various TTPs used by these hackers.

Hackers spoof Proud Boys


On October 30, CISA and the FBI shed light on the activities of Iranian state-sponsored hackers and alerted voters in a joint advisory. The hackers were seen using fake Proud Boys-themed emails.
The advisory stated that the Iranian APT actors are attempting to exploit misconfigurations and known vulnerabilities, such as directory traversal, SQL injection, web shell uploads, and unique flaws in election websites, using the Acunetix vulnerability scanner and advanced open-source queries.
In addition, the hackers used paid VPN services such as NordVPN, CDN77, HQSERV, and M247, along with curl and FDM in the campaign.

Earlier preparation


In mid-October, Proofpoint researchers observed emails purporting to be from the Proud Boys, a far-right and neo-fascist male-only organization, threatening the recipients (Democratic voters).
A few weeks ago, in a press conference, Director of National Intelligence (DNI) John Ratcliffe stated that Iran and Russia had gained access to voter registration information and that Iran had been using it to send threatening emails to Democratic voters.

CISA and FBI advisories


According to an FBI flash alert, in this fake Proud Boys campaign, the ..
