Get Permission
Iran s Islamic Revolutionary Guard Corps was behind a ransomware campaign that used a contracting company called Emen Net Pasargard, or ENP, to target over a dozen organizations, according to three leaked intelligence documents assessed by the security firm Flashpoint.
Based on its analysis of documents leaked by the Iranian dissident group “Lab Dookhtegan,” Flashpoint says this ENP attack campaign, dubbed Project Signal, began with research conducted between July and September 2020. A leaked internal ENP spreadsheet showed that during this time, the group was researching three to four websites per day, and that at the time the spreadsheet was written, around 20 sites had been reviewed and analyzed by ENP’s internal research organization, the Studies Center, the report notes.