Security News > 2020 > February > Iranian Hackers Target Journalists in New Phishing Campaign
The newly detailed phishing attack, Certfa Lab says, is related to previously observed activity targeting a U.S. presidential candidate, government officials, media targets, and prominent expatriate Iranians, where the hackers employed an updated spear phishing technique.
As part of the campaign, the threat actor created a fake account impersonating New York Times journalist Farnaz Fassihi journalist), to send fake interview invitations to victims and trick them into accessing phishing websites.
Analysis of the phishing websites used in these attacks reveal the use of servers previously associated with other Charming Kitten phishing attacks.
"This new series of phishing attacks by the Charming Kitten are in line with previous activities seen from their group. For example, we identified similar settings for the servers used in this attack with their previous campaigns. The Charming Kitten used Google Sites for their phishing attack, and Certfa believes that they work on the development of a series of malware for their future phishing attack campaign," the security company added.
The campaign has been active ever since and attacks are ongoing, with new infrastructure and different identities or scenarios observed, he said.