Operation Saffron Rose: an insight into the Iranian cyberattacks

The Ajax Security Team (AST) has initiated multiple attacks, which are described in the ‘Operation Saffron Rose’ FireEye report. The AST is an Iran-based hacking group that is capable of carrying out advanced persistent threat operations. Until now the world claimed that Iran had no cyber technologies, but it seems that these claims are being reconsidered, as Iran has trained a massive army of hackers.

One of the main sites where these hackers get their information is the Ashiyane forum, which acts as a communication portal between the hackers and the government of Iran.

On the Ashiyane forum you will find a lot of instructions on how to hack specific environments.



Malware samples

The RedSocks security company in the Netherlands published multiple samples of the malware that were used in the Operation Saffron Rose attacks.

Take a look at the samples here:

Operation Saffron Rose sample 1

Operation Saffron Rose sample 2

Operation Saffron Rose sample 3

Operation Saffron Rose sample 4

Operation Saffron Rose sample 5

The Operation Saffron Rose malware is now detected by most antivirus solutions. The malware installs itself at Windows startup, and the binary contains encrypted and compressed data.
