Hackers targeted Microsoft Exchange servers of foreign ministries and energy companies over a three-year period. In total they managed to steal five gigabytes of data, including diplomatic cables and passwords.
This time, the attack was more targeted, targeting foreign ministries in Bahrain, Iraq, Turkey, Oman, Egypt and Jordan, as well as eight companies in the industry.in the Middle East, Asia and Eastern Europe. Resecurity discovered a total of five gigabytes of data placed in an online storage service from servers Exchange hacked.
Diplomatic cables and stolen passwords
The stolen data was collected in a series of attacks over a three-year period, between 2017 and 2020. It contained documents and emails, including diplomatic cables. For example, an internal memo from a Bahraini diplomat reports a meeting with Chinese diplomats in the context of a possible United Nations special session on the treatment of Uighurs. The Chinese recalled that their country had defended Bahrain in terms of human rights. Other emails contained sensitive information like identifiers andwhich could have been used to infiltrate the internal networks of the ministries and firms concerned.
Resecurity did not name those responsible for these attacks. However, the researchers indicate that the choice of targets suggests a, and that the methods used are substantially the same as the group …