Security News > 2022 > December > Iran-linked Charming Kitten espionage gang bares claws to pollies, power orgs
An Iranian cyber espionage gang with ties to the Islamic Revolutionary Guard Corps has learned new methods and phishing techniques, and aimed them at a wider set of targets - including politicians, government officials, critical infrastructure and medical researchers - according to email security vendor Proofpoint.
Over the past two years, the threat actor group that Proofpoint's researchers track as TA453 has branched out from its usual victims - academics, researchers, diplomats, dissidents, journalists and human rights workers - and adopted new means of attack.
The gang's new targets and tactics also provide better insight into "TA453's potential support of IRGC surveillance and attempted kinetic operations," including murder for hire and kidnapping plots, according to Proofpoint.
In September, Google's Mandiant threat research biz also linked this cyber espionage group to Iran's IRGC, which has plotted to murder US citizens including former National Security Advisor John Bolton.
In addition to the cyber crime gang's ties to the IRGC, the Proofpoint researchers noted "With moderate confidence that the more aggressive activity could represent collaboration with another branch of the Iranian state, including the IRGC Quds Force."
In 2021, approximately five days after a US government official publicly commented on the Joint Comprehensive Plan of Action negotiations, the official's press secretary was targeted via a compromised email account from a local reporter," according to the Proofpoint researchers.