Security News > 2021 > July > Facebook Suspends Accounts Used by Iranian Hackers to Target US Military Personnel
Facebook on Thursday disclosed it dismantled a "Sophisticated" online cyber espionage campaign conducted by Iranian hackers targeting about 200 military personnel and companies in the defense and aerospace sectors in the U.S., U.K., and Europe using fake online personas on its platform.
The social media giant pinned the attacks to a threat actor known as Tortoiseshell based on the fact that the adversary used similar techniques in past campaigns attributed to the threat group, which was previously known to focus on the information technology industry in Saudi Arabia, suggesting an apparent expansion of malicious activity.
"This group used various malicious tactics to identify its targets and infect their devices with malware to enable espionage," said Mike Dvilyanski, Head of Cyber Espionage Investigations, and David Agranovich, Director, Threat Disruption, at Facebook.
According to the company, the attacks were part of a much larger cross-platform campaign, with the bad actors leveraging Facebook as a social engineering vector to redirect the victims to rogue domains via malicious links.
The fraudulent domains, including fake versions of a U.S. Department of Labor job search site and recruiting websites, were designed to target persons of likely interest within the aerospace and defense industries with the ultimate goal of perpetrating credential theft and siphoning data from email accounts belonging to the targets.
Around 200 accounts run by the hacking group were removed, Facebook added.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/D71FVAKV1pY/facebook-suspends-accounts-used-by.html
Related news
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- Iranian hackers now exploit Windows flaw to elevate privileges (source)
- Iranian hackers act as brokers selling critical infrastructure access (source)
- US says Chinese hackers breached multiple telecom providers (source)
- US warns of last-minute Iranian and Russian election influence ops (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- US indicts Snowflake hackers who extorted $2.5 million from 3 victims (source)
- Hacker gets 10 years in prison for extorting US healthcare provider (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)