Security News > 2020 > February > Iranian Hackers Target Journalists in New Phishing Campaign
The newly detailed phishing attack, Certfa Lab says, is related to previously observed activity targeting a U.S. presidential candidate, government officials, media targets, and prominent expatriate Iranians, where the hackers employed an updated spear phishing technique.
As part of the campaign, the threat actor created a fake account impersonating New York Times journalist Farnaz Fassihi journalist), to send fake interview invitations to victims and trick them into accessing phishing websites.
Analysis of the phishing websites used in these attacks reveal the use of servers previously associated with other Charming Kitten phishing attacks.
"This new series of phishing attacks by the Charming Kitten are in line with previous activities seen from their group. For example, we identified similar settings for the servers used in this attack with their previous campaigns. The Charming Kitten used Google Sites for their phishing attack, and Certfa believes that they work on the development of a series of malware for their future phishing attack campaign," the security company added.
The campaign has been active ever since and attacks are ongoing, with new infrastructure and different identities or scenarios observed, he said.
News URL
Related news
- Iranian hackers now exploit Windows flaw to elevate privileges (source)
- Iranian hackers act as brokers selling critical infrastructure access (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)