Security News > 2021 > July > Facebook Suspends Accounts Used by Iranian Hackers to Target US Military Personnel

Facebook on Thursday disclosed it dismantled a "Sophisticated" online cyber espionage campaign conducted by Iranian hackers targeting about 200 military personnel and companies in the defense and aerospace sectors in the U.S., U.K., and Europe using fake online personas on its platform.

The social media giant pinned the attacks to a threat actor known as Tortoiseshell based on the fact that the adversary used similar techniques in past campaigns attributed to the threat group, which was previously known to focus on the information technology industry in Saudi Arabia, suggesting an apparent expansion of malicious activity.

"This group used various malicious tactics to identify its targets and infect their devices with malware to enable espionage," said Mike Dvilyanski, Head of Cyber Espionage Investigations, and David Agranovich, Director, Threat Disruption, at Facebook.

According to the company, the attacks were part of a much larger cross-platform campaign, with the bad actors leveraging Facebook as a social engineering vector to redirect the victims to rogue domains via malicious links.

The fraudulent domains, including fake versions of a U.S. Department of Labor job search site and recruiting websites, were designed to target persons of likely interest within the aerospace and defense industries with the ultimate goal of perpetrating credential theft and siphoning data from email accounts belonging to the targets.

Around 200 accounts run by the hacking group were removed, Facebook added.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/D71FVAKV1pY/facebook-suspends-accounts-used-by.html