Another Iranian hacking tool ‘Jason’ leaked on Telegram

• The new leak has exposed the source code of a hacking tool named ‘Jason’ which is completely new and has not been spotted in any previous attacks.
• Lab Dookhtegan has previously leaked six hacking tools belonging to Iranian state hackers on the same Telegram channel.

A new hacking tool belonging to the Iranian state hackers has been published online on the Telegram channel by a hacker who goes under the name ‘Lab Dookhtegan’.

More details on the leak

• The new leak has exposed the source code of a hacking tool named ‘Jason’ which is completely new and has not been spotted in any previous attacks.
• However, the tool has been developed in 2015, meaning Iranian state hackers could have used it for at least four years.

According to security researcher Omri Segev Moyal, Jason hacking tool is a GUI utility for brute-forcing Microsoft Exchange email servers using pre-compiled lists of username and password combinations.

Who is Lab Dookhtegan?

• Lab Dookhtegan has previously leaked six hacking tools belonging to Iranian state hackers on the same Telegram channel.
• The six hacking tools include Glimpse, PoisonFrog, HyperShell, HighShell, Fox Panel, and Webmask.
• These tools have been spotted in previous attacks launched by the Iranian cyber espionage group APT34, Oilrig, or HelixKitten.

Lab Dookhtegan has been spying on Iranian intelligence agents and sharing their real names, social media profiles, phone numbers, or personal photos, on public forums on a daily basis.

“While initially it was believed that Lab Dookhtegan was a former insider, the new consensus is that this is the online persona of a foreign intelligence agency who is trying to expose Iranian hacking efforts in attempts to damage the country's cyber-espionage operations, as long as its political connections with neighbors and allies,” ZDNet reported.