Скачать или смотреть Hackers Sabotage Iranian Ships via Maritime Communications Terminals in MySQL Database

A sophisticated cyberattack targeted Iran’s maritime communications infrastructure in late August 2025, disrupting satellite links and navigation systems for dozens of sanctioned tanker vessels. Attackers infiltrated Fanava Group’s iDirect Falcon terminals, compromising a centralized MySQL database to map vessel networks. Exploiting unpatched vulnerabilities, threat actors executed destructive commands to wipe storage partitions, causing synchronized blackouts. The campaign, dubbed Lab-Dookhtegan, revealed persistent access and strategic disruption of oil transfers, highlighting critical weaknesses in legacy systems. Learn how attackers leveraged MySQL data, SSH keys, and cron jobs to orchestrate a 'scorched earth' attack, emphasizing the need for robust cybersecurity measures in critical infrastructure.

Key details: Unpatched Falcon consoles, plaintext credentials like '1402@Argo', SQL queries to extract vessel blueprints, and zeroing out modem storage. This attack underscores the risks of outdated tech and the importance of isolating management interfaces.