"Iranian Government-Backed Hackers Targeting US Energy and Transit Systems"

Mint Sandstorm, an Iranian government-backed actor, has been attributed to attacks on US critical infrastructure between late 2021 and mid-2022. The Mint Sandstorm subgroup is said to be technically and operationally mature as it can develop custom tools and weaponize N-day vulnerabilities. It appears to align with Iran's national priorities, according to an analysis by the Microsoft Threat Intelligence team. Seaports, energy companies, transit systems, and a major US utility and gas company have been targeted. The activity is believed to be retaliatory and a response to attacks on its maritime, railway, and gas station payment systems between May 2020 and late 2021. Microsoft has renamed the threat actor previously known as Phosphorus, APT35, Charming Kitten, ITG18, TA453, and Yellow Garuda to Mint Sandstorm. This article continues to discuss the new findings surrounding the Iranian government-backed actor Mint Sandstorm.

THN reports "Iranian Government-Backed Hackers Targeting US Energy and Transit Systems"