Iranian Hacking Group's Undercover Espionage Scheme Exposed
An Iranian hacking group used a fake recruitment business to trap national security officials in Iran, Syria, and Lebanon, according to Mandiant. The group, linked to APT42, collected confidential information which could support Iranian intelligence. The operation, active since 2017, leveraged inauthentic online profiles across multiple platforms.
An Iranian hacking group employed a fake professional recruiting business to ensnare national security officials in Iran, Syria, and Lebanon, new research from U.S. cybersecurity firm Mandiant reveals. Mandiant, a part of Alphabet's Google Cloud, says the hackers are loosely tied to APT42, also known as Charming Kitten.
The extensive mission dates back to 2017 and continued until recently. At times, the hackers made their operation appear Israeli-controlled to identify figures in the Middle East willing to sell information to Israel and Western countries. The campaign targeted military and intelligence personnel linked to Iran's regional allies.
Digital spies fabricated websites impersonating human resource firms, using platforms like Telegram, Twitter, YouTube, and the Iranian social media platform Virasty to promote their front companies. While most associated internet accounts are now removed, the potential exploitation of the collected data remains a concern, according to Mandiant.
(With inputs from agencies.)
Google News