Iranian hackers attack US infrastructure via ransomware
KELA has warned of Iranian state hackers collaborating with ransomware groups to attack critical US infrastructure. Instead of directly deploying malware, they act as access brokers, passing networks to affiliates like NoEscape and ALPHV. This blurs the line between espionage and cybercrime, increasing legal risks for victims. Today, this is critical due to the evolution of Pay2Key into a professional platform masking destructive attacks as extortion.
