Iranian Hackers Target High-Value Targets in Nuclear Security and Genomic Research
Hackers tied to the Iranian government have been targeting individuals specializing in Middle Eastern affairs, nuclear security and genome research as part of a new social engineering campaign designed to hunt for sensitive information.
Enterprise security firm Proofpoint attributed the targeted attacks to a threat actor named TA453, which broadly overlaps with cyber activities monitored under the monikers APT42, Charming Kitten, and Phosphorus.
Spoofed personas include people from Pew Research Center, the Foreign Policy Research Institute, the U.K.'s Chatham House, and the scientific journal Nature.
The idea is to "leverage the psychology principle of social proof" and increase the authenticity of the threat actor's correspondence so as to make the target buy into the scheme, a tactic that demonstrates the adversary's continued ability to step up its game.
"This is an intriguing technique because it requires more resources to be used per target - potentially burning more personas - and a coordinated approach among the various personalities in use by TA453," Sherrod DeGrippo, vice president of threat research and detection at Proofpoint, said in a statement.
"Researchers involved in international security, particularly those specializing in Middle Eastern studies or nuclear security, should maintain a heightened sense of awareness when receiving unsolicited emails."
News URL
https://thehackernews.com/2022/09/iranian-hackers-target-high-value.html