The FBI has published a TLP:WHITE Private Industry Notification (PIN) to provide awareness of the Iranian cyber group Emennet Pasargad and its ongoing hack-and-leak cyber operations, which include false-flag campaigns under the guise of multiple personas to avoid attribution. According to FBI reporting, Emennet Pasargad has been conducting hack-and-leak operations against organizations primarily in Israel. However, the FBI judges these techniques may be used to target U.S. entities. Within the past year, the FBI has identified a destructive cyber attack against a U.S. organization – indicating the group remains a cyber threat to the country.

The PIN notes that Emennet Pasargad’s observed tactics include “an initial intrusion, theft and subsequent leak of data, followed by amplification through social media and online forums, and in some cases the deployment of destructive encryption malware.” Additionally, the PIN provides recommendations for organizations and individuals to defend against this activity.

The FBI encourages partners to report suspicious or criminal activity to their local FBI field office or the FBI’s 24/7 CyberWatch (CyWatch) at (855) 292-3937 or [email protected]. Access the PIN below.
Attached Files:
PIN-20221020-001_TLP-WHITE