New Iranian hacking tool leaked on Telegram

Iranian State hackers have included a new hacking tool into their arsenal and the same is believed to have been published online today, in a Telegram Channel. It is believed that the person responsible for this leak is the same individual who, in April, leaked the source code of six other Iranian hacking tools, along with some delicate information on past hacked victims, and the real-world identities of members of Iranian government hackers. This tool which was published earlier today in the same Telegram channel where the leaker cum hacker, going by the name of Lab Dookhtegam dumped the six other previous hacking tools is named as Jason.

Reports from Security Researcher Omri Segev Moyal, confirms that Jason tool is a GUI utility to perform brute-force attacks on Microsoft Exchange email servers using pre-compiled lists of username and password combos. Moyal also confirmed that tool has been compiled way back in 2015, which means that Iranian hacker have been using it for at least last four years for their operations.

Those six tools that were previously leaked in April all belonged to an Iranian cyber-espionage groups, that are believed to be composed of members of the Iranian Ministry of Intelligence (MOIS) and known under codename's such as Oilrig, APT34, HelixKitten. Unlike the other tools leaked in April, the Jason tool that was shared today is completely new, at least for the security researchers who analyzed it today. As for observance on Lab Dookhtegan till this April, the leaker has been doxxing Iranian intelligence agents, sharing their real identities, social media profiles, contact details etc on an almost daily basis. It was initially believed that Lab Dookhtegan was a former insider, but the new consent is that this is the online persona of a foreign intelligence agency who is trying expose Iranian hacking efforts by attempting to damage the country's cyber-espionage operations. In May, another leak on details about another Iranian Hacking Unit name MuddyWater and its links with Iranian organization known as the Rana Institute has proved that Lab Dookhtegan wasn't the only leaker.