Iran government-backed hackers targeting high-profile people: Report – Times of India

Posted on

At a time when Iran is rocked by anti-hijab protests, a new report has claimed that hackers backed by the Iranian government have targeted at least 18 other high-profile activists, journalists, researchers, academics, diplomats, and politicians who are working on Middle East issues. These people have been targeted in an ongoing social engineering and credential phishing campaign, the report added.
US-based non-governmental organisation Human Rights Watch (HRW) claims the phishing attacks have been carried out by a group known as APT42, which is also referred to as Charming Kitten, and is affiliated with the Iranian government.
“Iran’s state-backed hackers are aggressively using sophisticated social engineering and credential harvesting tactics to access sensitive information and contacts held by Middle East-focused researchers and civil society groups,” said Abir Ghattas, information security director at HRW.
What data has been compromised?
The HRW claims that the attackers gained access to emails, cloud storage drives, calendars and contacts of at least three people known to be compromised. “This significantly increases the risks that journalists and human rights defenders face in Iran and elsewhere in the region,” Ghattas added.
How hackers gained access to private data?
HRW said that two of its staff members were also targeted in October. One member working in the Middle East and North Africa region received suspicious messages on WhatsApp. The person claimed he worked for a think tank based in Lebanon and invited the team member to attend a conference.
The investigation of the phishing links sent via WhatsApp suggested that when clicked, the link directed the target to a fake login page that was used to capture the user’s sensitive data. HRW also claims to have found additional targets of this ongoing campaign.

HRW and Amnesty International contacted the 18 high-profile individuals identified as targets and 15 of them confirmed to have received and responded to the same WhatsApp messages as the HRW staff member. The messages were shared with those targets between September 15 and as late as November 25, 2022.
“In a Middle East region rife with surveillance threats for activists, it’s essential for digital security researchers to not only publish and promote findings, but also prioritise the protection of the region’s embattled activists, journalists, and civil society leaders,” Ghattas said.
Past cyber attacks to gain sensitive data
This is not the first time Iran government-backed cyberattacks have been reported. Microsoft previously reported that hackers backed by the Iranian government targeted over 100 high-profile potential attendees of two international security conferences. In a separate report, Microsoft claimed to have found evidence that hackers associated with Iran targeted a 2020 presidential candidate.

Data of 500 million WhatsApp users leaked, How to check if you’re WhatsApp data is at risk

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *