Washington - A group of infamous hackers affiliated with the Iranian Revolutionary Guard Corps is secretly targeting college professors and other professionals in search of sensitive information, according to a study by cybersecurity firm Proofpoint.
Proofpoint said in a new report released Tuesday that the group, known as TA453, has been approaching victims by pretending to be a British scholar at the School of Oriental and African Studies (SOAS) at the University of London since at least January.
Researchers were unable to independently confirm that the hacker group was part of the IRGC, but stated that they were “highly confident” that it supported the IRGC’s information gathering efforts. The IRGC is designated by the United States as a foreign terrorist organization.
Targets of the latest campaign included think tank experts on Middle East issues, top professors at well-known academic institutions, and journalists specializing in the Middle East. According to Proofpoint, most of the victims were previously targeted by the same hacker group.
“These groups have consistent information that the Iranian government is interested in, such as information on foreign policy, insights into Iran’s opposition, and an understanding of US nuclear negotiations,” the researchers wrote. “Targeting seemed to be very selective, targeting less than 10 organizations.”
The company did not disclose the name of the target, but said it worked with authorities to notify the victim.
In this type of hacking campaign, known as credential harvesting, cybercriminals first email the victim and then send malicious attachments or a link to a compromised website designed to steal passwords.
As part of the recent operation, the IRGC-linked hackers compromised the SOAS Radio website and sent victims a “registration link” to the site, researchers said. According to the report, the compromised website was set up to capture a variety of credentials.
In one case, a hacker posing as a “Senior Education Researcher” at SOAS sent an initial email attempting to lure a target with an invitation to an online conference on “US Security Challenges in the Middle East.” After an exchange confirming the target’s interest in the meeting, the hackers sent the target a “detailed invitation” to the fake event, the researchers said.
Read the complete article at: Eminetra