Iranian hackers pretending to be journalists
Iranian hackers pretending to be journalists

Iranian hackers pretend to be journalists aiming to hit targets on WhatsApp and LinkedIn and infect their devices with malware targeting government agencies, defense technology, and the military.

Clersky said in a blog post: Iranian infiltrators pretended to be a correspondent for Deutsche Welle and used WhatsApp messages as their main platform for them to get close to their targets and persuade him to open harmful links.

(Clersky) said this development marked the first major attack by the perpetrator on WhatsApp and LinkedIn, including calling the victim.

After the company reported the violation to Deutsche Welle, German radio confirmed that journalists posing as "Charming Kitten" did not send any e-mails to the victims or other academic researchers during the course. The past weeks.

Since at least December 2017, Lovely Cats - also known by pseudonyms (APT35), (Parastoo), (NewsBeef) and (Newscaster) - have been involved in a series of covert activities since at least December 2017, stealing sensitive information about human rights activists and academic researchers. .

The Iranian organization attempted to urge victims to open a malicious link embedded in the Deutsche Welle hack that provides malware that can steal information through WhatsApp, but not before contacting the victim for the first time. Times through proven social engineering methods. Encourage scholars to speak at the webinar. .

(Clairsky) stated that the contact started by sending an email to the target to start a conversation. After a short conversation with the target, he asked (Charming Kitten) to transfer the conversation to WhatsApp, if the target refused to convert to WhatsApp, Charming Kitten would send a message to your LinkedIn account. Placebo.

Although Charming Kitten has used this technology, it is not the first time that Iranian hackers have used social media to monitor people in trouble.

ISIGHT Partners conducted a three-year investigation of Newscaster in 2014 and found that the actor had created a fake Facebook account and news site to monitor military and political leaders in the United States and elsewhere. country.

Clearsky researchers said that during this campaign we found that the attackers were willing to use WhatsApp calls and legitimate German phone numbers to speak directly to victims.




Save 80.0% on select products from RUWQ with promo code 80YVSNZJ, through 10/29 while supplies last.

HP 2023 15'' HD IPS Laptop, Windows 11, Intel Pentium 4-Core Processor Up to 2.70GHz, 8GB RAM, 128GB SSD, HDMI, Super-Fast 6th Gen WiFi, Dale Red (Renewed)
Previous Post Next Post