oklaro

oklaro

oklaro

oklaro

oklaro

oklaro

oklaro

oklaro

oklaro

oklaro

oklaro

Slot Gacor https://ojs.uscnd.ac.id/ https://lpm.uscnd.ac.id/ https://aplikasi.ppdu.ponpes.id/pon/ GB777 GB777 GB7771

Iran-backed hackers stage phishing campaign against activists, journalists: HRW

  • Share

LONDON – Iran-backed hackers have launched a targeted attack against a number of high-profile human rights activists, journalists, academics, and government officials, according to Human Rights Watch.

The company discovered that an Iran-linked hacking entity identified as APT42, thought to be a cyberespionage group, had started a concerted phishing attack.

According to the HRW study, two of its employees were targeted, along with 18 other people, resulting in the hacking of three individuals’ emails.

The emails, cloud storage, calendars, and contacts of a US newspaper correspondent located in the Middle East, a Gulf-based women’s rights activist, and a refugee advocate in Lebanon were all compromised by APT42.

According to HRW, the phishing attempt was carried out via WhatsApp, with 15 targets getting strange messages between September and November of this year.

The communication, disguised as a conference invitation, allowed APT42 to get access to the three victims’ Google accounts after they were duped into entering their two-factor authentication data.

Iran has long used phishing as part of its cyberwarfare strategy.

Since 2010, hackers and espionage groups tied to the Iranian regime have successfully hacked and leaked data from government, military, and commercial targets worldwide.

The US Treasury Department’s Office of Foreign Assets Control sanctioned APT42 members in September.

Google, as well as cybersecurity firms Recorded Future and Proofpoint, have stated that APT42 works for Iranian authorities.

Mandiant, a cybersecurity firm, stated earlier this year that the group’s activities were directed by Iran’s Islamic Revolutionary Guard Corps.

According to HRW, APT42 employs advanced social engineering tactics to disguise phishing attempts.

APT42 members utilize the real information of conference organizers to create false accounts and contact high-profile activists and officials in order to acquire the trust of victims.

In previous operations, the organization pretended to be members of the Munich Security Conference and the G20 Think 20 Summit in Saudi Arabia in order to contact targets and initiate phishing attacks.

“Iran’s state-backed hackers are aggressively exploiting sophisticated social engineering and credential harvesting strategies to obtain sensitive material and connections maintained by Middle East-focused scholars and civil society groups,” said Abir Ghattas, information security director at HRW.

“This greatly enhances the hazards that journalists and human rights defenders confront in Iran and throughout the region.”

“In a Middle East region fraught with surveillance threats for activists, it’s critical for digital security experts to prioritize the protection of the region’s embattled activists, journalists, and civil society leaders,” she added.

Source: Iran News

  • Share