TODAY’S TECH ALERT

ALERT: You need to know this.

I send these alerts only when it’s truly important. This is one of those moments. Please read and share this with someone you know.

This alert is sponsored by Webroot. More on what Webroot can do for you right now below.*

🚨 Iranian hackers were inside U.S. banks before the first bomb dropped

Here's the part that should keep you up at night.

Before the U.S. and Israel launched strikes on Iran in late February, before any missiles flew, before any of it made the news, a group of Iranian government hackers was already quietly sitting inside American networks. U.S. banks. U.S. airports. Nonprofits. A defense software company.

Just waiting.

Researchers at Carbon Black confirmed it this week. The group is called MuddyWater and it operates directly under Iran's Ministry of Intelligence. Think of it less like a hacking crew and more like a foreign intelligence agency with a keyboard. They've been active since 2017 and they are very good at not being noticed.

The cyber war didn't start when the bombs dropped. It was already underway.

🕵️ Why this one is different

Most malware gets caught because security software recognizes it. MuddyWater deployed a brand new backdoor nobody had ever seen before. No signature. No pattern to match. It looked completely legitimate because they signed it with stolen certificates issued to real names. Everything checked out on the surface.

Until researchers dug deeper.

They were also using a tool called Rclone to quietly copy stolen files straight to ordinary cloud storage. Not shady dark web servers. The kind of cloud storage your company uses every day. The kind that doesn't raise flags.

🏦 What this means for you

Your bank is not going to call you. There's no law requiring them to notify customers when a foreign government spends six weeks parked in their systems. You'll get a letter if your account number was stolen. You won't get a call that says "Iran's intelligence service was reading our files last month."

So you protect yourself. Here's how.

Turn on transaction alerts for every bank and credit card account you have. Open your banking app, find Notifications or Alerts, and flip on every transaction. Set the threshold to $0. You want to know about the $0.25 test charge before they run the $2,500 one.

Freeze your credit if you're not actively applying for anything. It's free. Takes ten minutes. Go directly to Equifax, Experian, Innovis, and TransUnion and freeze all four. Unfreeze when you need it. Refreeze when you're done.

Check your accounts right now for tiny charges between $0.01 and $1.00. That's how attackers test a stolen card before they sell it or use it. Most people never notice. That's the whole point.

Make sure the devices you use for banking are actually clean. Your bank's security ends at their front door. What happens on your laptop or phone is entirely on you.

🛡️ This is exactly where Webroot comes in

Webroot runs silently in the background and catches threats at the device level before they can phone home. It's cloud-based, which means it's constantly updated in real time instead of waiting for you to remember to run an update. Free antivirus software reacts to yesterday's threats. Webroot is watching for today's.

Here's what free doesn't give you. 

  • Dark web monitoring that alerts you the moment your personal information shows up somewhere it shouldn't. 

  • Identity theft protection backed by up to $1 million in fraud expense reimbursement for U.S. customers. 

  • Real-time phishing protection that blocks malicious sites before you even land on them. 

  • Text scam detection, which is brand new and exactly what this moment calls for.

The free antivirus already on your computer was built to catch the threats everyone already knows about. MuddyWater deployed a backdoor nobody had ever seen before. That's not a known threat. That's a brand new one. 

Webroot's behavior-based detection watches what software does on your device, not just what it looks like. That's the difference between catching it and missing it entirely.

Setup takes minutes. The peace of mind lasts a lot longer.

The attack on your bank's network may have already happened. The attack on your device hasn't. Keep it that way.

Disclosure: This is a paid advertisement on behalf of our sponsor, Webroot. I only partner with brands that I personally use or believe provide significant value to my community.

This newsletter is provided for informational and entertainment purposes only and does not constitute legal, financial, medical, or professional advice of any kind. Readers should consult with a qualified professional before making any decisions based on this content. The publisher disclaims all liability for any loss, damage, or injury resulting from the use of or reliance on the information contained herein.
