The authoring agencies assess the Iranian actors sell this information on cybercriminal forums to actors who may use the information to conduct additional malicious activity.
The hackers conduct reconnaissance to determine potential victim identities, and then after gaining access, they often register compromised devices with MFA to retain that access.
Collection
[
|
...
]