Members of the Iranian hacker group, APT35 or Charming Kitten , who engaged in hacking were directly filmed from their screens. These five hours of video devoted to the training of new recruits were published on a dedicated server. Except that this one, badly configured, was spied on by the X-Team of IBM Security . Some video clips show the hackers who extract data from real hacked accounts, which belong to a member of the Greek Navy and another of the US Navy.
They couldn't bypass two-factor authentication
On these videos, a document including passwords and user names, belonging to all types of accounts, was manipulated by these individuals. Hackers, however, could not bypass two-factor authentication, when it is enabled. In addition, they are consistent with what is already known about cyber-Iranian operations, which are mainly based on pishing.
According to a US magazine, “the group has focused on government and military targets that pose a direct challenge to Iran, such as nuclear regulators and sanctions bodies. Most recently, he [targeted] pharmaceutical companies involved in Covid-19 research and the Trump campaign . "Note that these videos appear in the 40 gigabytes of data taken by the cybersecurity team.
The complete inbox of a hacked gmail account
Images also showed the hackers extracting content from hacked Yahoo and Gmail accounts, and gaining access to several documents in the Google cloud. A video showed a hacker using Zimbra software to download the entire inbox of a hacked gmail account . Another did the same on a Yahoo account . Still, there was talk of fake accounts just for practice, with the first hack taking four minutes. This operation would take more time on a real account.