A Russia-linked group is believed to have utilized Iranian tools to conduct cyberattacks against dozens of countries, in an apparent effort to mask their identities, according to joint advisories by the U.S. and the U.K.
The group, known as Turla, used tools from suspected Iran-based hacking groups and deployed them against old and new targets. In order to acquire the tools, Turla "comprised the suspected Iran-based hacking groups themselves," according to the U.S. National Security Agency and the U.K.'s National Cyber Security Centre, which released the advisories on Monday.
The original owners of the tools "were almost certainly not aware of, or complicit with, Turla's use of their implants," the agencies said.