

The U.S.-based cyber security firm Cylance has reported that Iranian hackers have breached global companies located in the U.S., Germany, England, India, Israel, Saudi Arabia, China and France over the last two years.







The Iranian hacker team working under the name 'Cleaver' is believed to be behind the massive spying. Compromised systems include Microsoft Windows web servers running IIS and ColdFusion, Apache with PHP, many variants of Microsoft Windows desktops and servers, and Linux servers.





Cleaver’s level of access into each organization varied greatly, including completely compromised systems and networks, Active Directory domain controllers and credentials, compromised data repositories and stolen VPN credentials.





Compromised network infrastructure included Cisco VPNs as well as Cisco switches and routers. Unlike Stuxnet, no exotic exploitations (such as 0-days) were observed.





Cylance said: "Within our investigation, we had no direct evidence of a successful compromise of specific Industrial Control Systems (ICS) or Supervisory Control and Data Acquisition (SCADA) networks, but Cleaver did exfiltrate extremely sensitive data from many critical infrastructure companies allowing them to directly affect the systems they run. This data could enable them, or affiliated organizations, to target and potentially sabotage ICS and SCADA environments with ease."



"We discovered over 50 victims in our investigation, distributed around the globe. Ten of these victims are headquartered in the US and include a major airline, a medical university, an energy company specializing in natural gas production, an automobile manufacturer, a large defense contractor, and a major military installation. The four targets in Israel and the five targets in Pakistan are comprised of education, aerospace, airports, airlines, healthcare and technology. Further victims were identified in numerous Middle Eastern countries as well as ones in Northern Europe including the UK, France, and Germany. Central America was not immune either with a large oil and gas company on the list. In fact, oil and gas was a particular focal point for the Cleaver team, going after no less than nine of these companies around the world."