Iran-linked cyber operations are drawing renewed attention for relying less on advanced code and more on human manipulation to gain access to sensitive systems.
At the centre of this activity is Charming Kitten, a group associated with Iran’s security apparatus which has spent years targeting officials, researchers, and corporate employees. Instead of exploiting technical vulnerabilities, operatives frequently impersonate trusted contacts, using carefully crafted messages to trick victims into revealing credentials or installing malicious software.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Ex-US Air Force intelligence officer charged with spying for Iran
February 14, 2019
U.S. authorities on Wednesday charged former Air Force intelligence officer Monica Witt with helping Iran launch a cyber-spying operation that targeted her former colleagues after she defected from the United States. The U.S. Justice Department said Witt, 39, assembled dossiers on eight U.S. military intelligence agents she had worked with for Iranian hackers, who then used Facebook and ...
- ‘Unprecedented’ DNS Hijacking Attacks Linked to Iran
January 10, 2019
The attacks, targeting several countries to redirect traffic and harvest credentials, have been linked to Iran. A wave of DNS hijacking attacks targeting victims in North America, Europe, Middle East and North Africa have been linked to Iran. The attacks, which have been ongoing over the past two years, have had “a high degree of success” ...
- Charming Kitten Iranian Espionage Campaign Thwarts 2FA
December 17, 2018
The campaign targets politicians involved in economic and military sanctions against Iran, along with various journalists and human rights activists. A range of political and civil society targets are under fire in an APT attack dubbed the Return of Charming Kitten. The campaign has been tailored to get around two-factor authentication in order to compromise email ...
- U.S Charges Two Iranian Hackers for SamSam Ransomware Attacks
November 28, 2018
The Department of Justice announced Wednesday charges against two Iranian nationals for their involvement in creating and deploying the notorious SamSam ransomware. The alleged hackers, Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah, 27, have been charged on several counts of computer hacking and fraud charges, the indictmentunsealed today at New Jersey court revealed. The duo used SamSam ransomware to ...
- New Stuxnet Variant Allegedly Struck Iran
October 31, 2018
A malware similar in nature to Stuxnet but more aggressive and sophisticated allegedly hit the infrastructure and strategic networks in Iran. Details about the supposed new attack are superficial at the moment, as there are no details about the supposed attack, the damage it caused or its targets. A report on Wednesday from Israeli evening news bulletin ...
- OilRig APT Continues Its Ongoing Malware Evolution
September 13, 2018
The Iran-linked APT appears to be in a state of continuous tool development, analogous to the DevOps efforts seen in the legitimate software world. OilRig, an APT group believed to have ties to Iran, has been spotted in yet another campaign in the Middle East – this time targeting victims within an undisclosed government using an ...