[TheRecord] Suspected cyberattack temporarily disrupts gas stations across Iran

A software glitch believed to have been caused by a cyberattack has disrupted gas stations across Iran and defaced gas pump screens and gas price billboards.

The incident, which took place earlier this morning, impacted the IT network of NIOPDC, a state-owned gas distribution company that manages more than 3,500 gas stations across Iran.

According to reports in local media [123] and images and videos uploaded on social networks, the cyberattack caused NIOPDC gas stations to show the words “cyebrattack 64411” on their screens earlier in the morning.

The gas pumps could be used to refuel cars, but NIOPDC employees shut down operations after the company realized they couldn’t track and charge customers for the fuel they put in their cars.

As gas stations around #Iran are out of service today, a photo is circulating showing one station with a message on a small monitor saying “cyber attack 64411.” 64411 is the phone number for the Office of Iran’s Supreme Leader. pic.twitter.com/rlrVLHjt76

— Iran International English (@IranIntl_En) October 26, 2021

Additionally, gas price billboards mounted by the NIOPDC across major cities also listed the same “cyberattack 64411” message, along with “Khamenei where is the gas?” and “Free gas at [local gas station’s name].”

The 64411 number is the phone number for the office of Supreme Leader Ayatollah Ali Khamenei.

The same number was also shown on the billboards of Iranian train stations during a cyberattack that took place on July 9, when travelers were asked to call the Iranian leader and ask why their trains were late.

The July attack on Iranian train stations was later linked to a piece of data-wiping malware called Meteor.

Iranian petrol stations have been targeted by a nationwide cyber-attack, with digital screens displaying the message “64411” at pumps. Some billboards have been caught on video display the messaging: “Khamenei, where is our petrol?”pic.twitter.com/Ql8vofFbAF

— Shayan Sardarizadeh (@Shayan86) October 26, 2021

However, despite a slew of evidence posted on social media, a Ministry of Oil spokesperson played down reports of a “cyberattack” in an official statement released later in the afternoon and blamed the incident on a software glitch, according to Jahan News.

The same outlet later reported that refueling operations have resumed for affected gas stations.

Government officials also held an emergency meeting in regards to the incident, and some Iranian news outlets retracted reports of a cyberattack after receiving a scolding from the Iranian regime.

The post Suspected cyberattack temporarily disrupts gas stations across Iran appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[NCSC-FI News] Venäjällä on kapasiteettia irrottaa itsensä internetistä, mutta kynnys on korkea

Venäjällä on tekninen kyvykkyys irrottaa itsensä globaalista internetistä, arvioi Suomen valtion kyberturvallisuusjohtaja Rauli Paananen Internetin kautta on mahdollista välittää venäläisille tietoja hyökkäyksestä Ukrainaan ohi virallisten propagandakanavien. Venäjän irtautuminen internetistä ja siirtyminen omaan Runet-verkkoon lopettaisi tämän Tällaisessa tapauksessa venäläiset eivät tietäisi mitä ulkomaailmassa tapahtuisi, vaan he olisivat maan sisäisen viestinnän varassa. Source: Read More (NCSC-FI daily […]

Read More

[TheRecord] New Log4j attacks target SolarWinds, ZyXEL devices

Cybercriminals looking to capitalize on the Log4Shell vulnerability are attacking devices from SolarWinds and ZyXEL that are known to have used the Log4j library inside their software, according to two reports published on Wednesday by Microsoft and Akamai. The most urgent of these attacks are those spotted by Microsoft, which said it discovered a threat actor abusing […]

Read More

[SecurityWeek] Audit: Cybersecurity Weak for Many Kansas School Districts

All posts, Security Week

Many Kansas school districts aren’t taking basic steps to protect their computer systems and the privacy of sensitive information collected about students, according to a legislative audit release Tuesday. read more Source: Read More (SecurityWeek RSS Feed)

Read More