Iranian hackers conducted 3 year campaign trying to spy on US leaders over Facebook
'Elaborate' campaign targeted politicians and military personnel to trick them into giving up log-in credentials and downloading malware
Thursday 29 May 2014
Iranian hackers created a fake news website and a string of fake Facebook profiles as part of a three-year campaign to spy on US politicians and military officers, a new report has claimed.
Security firm iSight Partners say that fake social media personas were created by the hackers with complex backgrounds. These were used to contact targets, sending them legitimate content before trying to gain access to government and corporate networks through the use of malware.
The hackers also "intimated their interest in specific defence technology, as well as military and diplomat information by their targeting" said the company.
The operation’s targets reportedly included ambassadors, a four-star Navy admiral and lawmakers, and personnel from countries including Britain, Syria, Iraq and Afghanistan.
iSight has not disclosed the identity of any victims nor if any data has been stolen, although the firm’s executive vice president Tiffany Jones said “if it's been going on for so long, clearly they have had success.”
As part of the campaign the hackers set up a fake news site called NewsOnAir.org which republished articles from the BBC, Reuters and the Associated Press under the names of six fake journalists.
A screenshot of the fake news site. Credit: iSight
These personas – along with eight faked defence contractors – were given profiles on Facebook and other social media networks that were then used to contact targets in the US and other countries.
iSight said that this type of “social engineering” campaign was the most elaborate by any nation to be uncovered to date and that the perpetrators wanted to stay “under the radar.”
“This campaign is not loud. It is low and slow," said Jones. "They want to be stealth.”
To build credibility the fake personas attempted to befriend victims’ friends, colleagues, relatives and classmates, and would initiate contact by sharing legitimate content before sending links containing malware or requesting network credentials.
iSight said that it has alerted the FBI as well as overseas authorities and some victims. The FBI has not issued a statement on the report, although Facebook have said that they discovered the hacking group while investigating suspicious activity on the site.
A Facebook spokesperson told Reuters: “We removed all of the offending profiles we found to be associated with the fake NewsOnAir organization and we have used this case to further refine our systems that catch fake accounts.”
Earlier this month another US cyber security firm FireEye said that it had detected new activity from a hacking group believed to be operating out of Iran named the Ajax Security Team (AST).
FireEye said that the AST had been targeting defence organizations by coding their own malware, describing the move as “an evolution” for the country as it seeks better control political dissent and expand its “offensive cyber capacities.”
Emergency call 'started off dumb, but got pretty serious'
Britain First criticised for using actress's memory to draw attention to their 'hate-filled home page'
Thought you'd seen it all after the Jeremy Paxman interview?
Greatest mystery about the hit BBC1 show is how it continues to be made at all, writes Grace Dent
"History is violent," says the US Army tank commander Don "Wardaddy" Collier
Striker's four-month ban for biting an opponent expires on Friday
Life & Style blogs
Ebola outbreak: Virus to kill 67,000 in Monrovia by December, claims academic study
Nokia no more: Microsoft drops once-ubiquitous mobile name – in favour of its Lumia brand
Ebola: NYC doctor Craig Spencer tests positive for disease after returning from west Africa
Watch what happened when food critics were unknowingly served McDonald's
What do the text messages between you and your partner reveal about your relationship?
Of course, teenage girls need role models – but not like beauty vlogger Zoella
Cameron is warned 'no possibility' of UK reducing immigration and that bid to bring in quota on migrant workers would be illegal
Support for EU membership 'at highest level since 1991' with most Brits wanting to stay 'in'
Thousands with degenerative conditions classified as 'fit to work in future' – despite no possibility of improvement
Residents should throw a street party and mix with immigrant neighbours, councils told
Attacks on 'Ukip Calypso' show how skewed people’s priorities are
- 1 This 'woman calls police to order pizza' story isn't going where you're expecting
- 2 Axe wielding man shot dead after attacking four New York policemen on busy street
- 3 Watch what happened when food critics were unknowingly served McDonald's
- 4 Jimmy Carr's Oscar Pistorius joke goes a bit too far at the Q Awards
- 5 Ottawa shootings: Bruce MacKinnon's cartoon is the perfect tribute to soldier Nathan Cirillo
iJobs Gadgets & Tech
£350 Per Day: Clearwater People Solutions Ltd: Our client based in Reading are...
£20000 - £22000 per annum + Benefits: Ashdown Group: Helpdesk Support Analyst ...
£45000 per annum: Ampersand Consulting LLP: Datacentre Consultant (Datacentre,...
£45000 per annum + Excellent Benefits: Ampersand Consulting LLP: .NET Develope...