Moscow Rejects Reports on Russian Hackers Posing as Iranians

Russia on Thursday dismissed media reports that Russian hackers hijacked an Iranian cyber-espionage operation and used it to attack government and industry organizations in more than 20 countries, Reuters reports.

A spokesman for the Russian embassy in the U.K. said the media writings were an “unsavory” interpretation of a security report.

British security officials said earlier this month that a Russian group, known as “Turla” and accused by Estonian and Czech authorities of operating on behalf of Russia’s FSB security service, has used Iranian tools and computer infrastructure to successfully hack into organizations in at least 20 different countries over the last 18 months.

“These publications are an unsavory interpretation of a concise report of the British National Cyber Security Centre and the American National Security Agency,” the spokesman added. “The security services themselves are not putting forward any accusations against Russia and Russian citizens.”

Also on Thursday, a somewhat opposite case was registered by U.S.-based tech news website ZDNet – a group of criminals has been launching DDoS attacks against companies in the financial sector and demanding ransom payments while posing as infamous Russian hacking group “Fancy Bear”.

“Fancy Bear” is associated with the Russian government and is known for hacking the White House in 2014 and the DNC in 2016.

The attacks, brought to ZDNet’s attention by one of the publication’s readers, were confirmed by Link11 and Radware, two companies that provide DDoS mitigation services and have documented similar “ransom denial-of-service” (RDOS) attacks in the past years.

According to a copy of the ransom letter, the group is sending victims, the fake “Fancy Bear” group is asking for payments of 2 bitcoin, which is about $15,000 at today’s exchange rate.