back to article Iranian cyberspies exploited Log4j to break into a US govt network

Iranian state-sponsored cyber criminals used an unpatched Log4j flaw to break into a US government network, illegally mine for cryptocurrency, steal credentials and change passwords, and then snoop around undetected for several months, according to CISA. In an alert posted Wednesday, the US cybersecurity agency said it …

  1. VoiceOfTruth Silver badge

    What goes around comes around

    How much spying on Iran does the USA do?

    1. Pascal Monett Silver badge

      Re: What goes around comes around

      Yeah but we're the good guys.

    2. Lil Endian Silver badge

      Re: What goes around comes around

      So, an eye for an eye?

      How much spying on you does the USA do?

      The obvious difference is that you're not a sovereign state. But what if an individual attacks/offends an individual? Okay to retaliate?

      Sovereign states have no overseeing legislature (see: Country that still uses fax machines... for an example of how this will remain the case for a long time!). But we as individuals do. What if our legislature is broken or corrupt, or our aggressor is another sovereign state? ECHR? Okay....

      I've no probs with your witticism. All sovereign states (that can do) spy on each other. I'm just saying tit-for-tat doesn't end if there's no overseer with a bigger gun.

      Personally, I'm all up for a "Cyber Day of the Triffids". Down with the establishment! I wanna be anarchy!

    3. DS999 Silver badge

      Re: What goes around comes around

      Probably a lot, but at least we don't install cryptomining software on their computers!

      1. Al fazed

        Re: What goes around comes around

        How can you be so confident ?


        1. DS999 Silver badge

          Re: What goes around comes around

          Because in the US spying is done by government organizations like the NSA and CIA, and they like their spying to be done as invisibly as possible. We've all seen the toolkits they've used, they take every measure possible to hide their existence from people using/managing the compromised computers. Running a cryptominer flies in the face of that, as the excess resources it consumes makes it far more likely to be noticed than a stealthy rootkit.

          Whereas these spies are either not government employees but hackers sort of 'encouraged' to direct their enterprise towards targets Iran's government wants information on, or are government employees who are not paid well and risk their spying being more easily detected to scratch a few pennies on top of their salary via CPU based cryptomining.

  2. Potemkine! Silver badge

    Log4j not patched after months of warning? This is a professional fault.

    I don't get the reason to install a cryptomining app. It adds risks for the intruders to be detected. Unless it was to cover their tracks?

    == Bring us Dabbsy back! ==

    1. Al fazed

      I imagine

      that the said IT mules unofficially installed the crypto mining software in order to leverage more income from their activity. Who would know ?

      If the "Man" in charge is as clued up as our politicians and their per IT psuedo scientists, we as individuals wouldn't know if someone Carp Diemed (sieze the day) the COVID testing app, or the NHS 111 app, or your EV charging app, or the doorbell camera app, or the security camera app, or any other available "app" - until the ORGs involved got around to notifying their customers.

      FFS ! If the Iranians are using Microsoft OS, then surely all this skull duggery is just to draw our attention away from those MACROS or wanting to PRINT, where we all know that Microsoft rules this roost.


POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like