Iranian state-aligned threat actor targets new victims in cyberespionage and kinetic campaigns

2022-12-14 17:13

The threat actor targets high-profile and high-security accounts for cyberespionage purposes.

Their favorite method to approach and attack their targets consists of using web beacons in emails before eventually attempting to harvest the target's credentials.

A shift in TA453's methods Email accounts used to reach the targets.

The use of email accounts created by the attacker is sometimes dropped by threat actors in favor of using real compromised accounts.

In May 2022, an Israeli researcher received an email coming from a spoofed email address of a reputed academic to invite the target to a conference in order to kidnap them.

TA453 generally approaches its targets with email accounts they create and begins establishing contact with their targets through benign conversation, although some of its subgroups may directly hit the target with a credential harvesting link.

News URL

https://www.techrepublic.com/article/iranian-state-threat-actor-targets-new-victims/

#cyberespionage #iranian #threat