Illustration: Aïda Amer/Axios

A hacker group associated with the Iranian government is selling “access to compromised networks on an underground forum,” likely without Tehran’s blessing, according to research by threat intelligence firm CrowdStrike.

Why it matters: That these Iranian hackers were apparently caught trying to make money on the side may show the dangers of relying on likely underpaid contractors to conduct sensitive offensive cyber operations.

What’s happening: The group, which CrowdStrike has named “Pioneer Kitten,” has been active since 2017, with its last known activity occurring in July 2020.

  • The group has focused on hacking North American and Israeli targets in the “technology, government, defense, healthcare, aviation, media, academic, engineering, consulting and professional services, chemical, manufacturing, financial services, insurance, and retail” sectors, says CrowdStrike, with a particular focus on government, defense and tech firms.
  • Pioneer Kitten often focuses on targets of opportunity, says CrowdStrike, such as unpatched devices, showing that you don’t need to employ advanced tactics to achieve operational results.

The intrigue: In late July, CrowdStrike observed someone associated with Pioneer Kitten selling access to hacked networks online.

  • CrowdStrike believes this commercial activity would not have been sanctioned by Tehran and that Pioneer Kitten may therefore consist of contractors associated with the Iranian government — not actual intelligence officers.

Go deeper

Chinese hacking group moves on from targeting COVID intelligence

Illustration: Annelise Capossela/Axios

A Chinese government-associated hacking group that shifted its focus this spring toward collecting intelligence involving coronavirus response has again reoriented its work, this time to target Tibetan dissidents, according to security firm Proofpoint.

Between the lines: China’s intelligence services may now feel that, with the initial COVID-19 crisis in both Europe and China now receding, they can return to older, core priorities.

Mike Allen, author of AM
1 hour ago - Politics & Policy

Biden pushes unity message in new TV wave

A fresh Joe Biden ad, "New Start," signals an effort by his campaign to make unity a central theme, underscoring a new passage in his stump speech that says he won't be a president just for Democrats but for all Americans.

What he's saying: The ad — which began Friday night, and is a follow-up to "Fresh Start" — draws from a Biden speech earlier in the week in Manitowoc, Wisconsin:

Updated 2 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 6:30 p.m. ET: 32,390,204 — Total deaths: 985,302 — Total recoveries: 22,286,345Map.
  2. U.S.: Total confirmed cases as of 6:30 p.m ET: 7,020,967 — Total deaths: 203,481 — Total recoveries: 2,710,183 — Total tests: 98,476,600Map.
  3. States: "We’re not closing anything going forward": Florida fully lifts COVID restaurant restrictions — Virginia Gov. Ralph Northam tests positive for coronavirus.
  4. Health: Young people accounted for 20% of cases this summer.
  5. Business: Coronavirus has made airports happier places The expiration of Pandemic Unemployment Assistance looms.
  6. Education: Where bringing students back to school is most risky.