LONDON: Iranian hackers accidentally leaked videos showing themselves teaching junior hackers how to break into email accounts and siphon data from them, it has been revealed.
Employees at IBM’s X-Force, the company behind the discovery, say that five hours of footage – recorded directly from the screen – has been obtained along with 40 gigabytes of information and data stolen from victim accounts.
The reports suggested that the files were uploaded accidentally to an exposed server in May that was being monitored by IBM.
“We don't get this kind of insight into how threat actors operate really ever,” Allison Wikoff, a senior analyst at IBM X-Force, told Wired magazine.
“When we talk about observing hands-on activity, it’s usually from incident response engagements or endpoint monitoring tools,” she said, adding that, “Very rarely do we actually see the adversary on their own desktop. It's a whole other level of ‘hands-on-keyboard’ observation.”
Among the targeted accounts were staffers at the US State Department, an Iranian-American philanthropist, as well as US and Greek military personnel.