Microsoft says Iranian hackers targeted ‘high profile’ conference attendees

Microsoft says Iranian hackers targeted ‘high profile’ conference attendees

Microsoft says Iranian hackers targeted ‘high profile’ conference attendees

Microsoft  says hackers backed by the Iranian government targeted over 100 high-profile potential attendees of two international security and policy conferences.

 

Microsoft says Iranian hackers targeted ‘high profile’ conference attendees
Microsoft says Iranian hackers targeted ‘high profile’ conference attendees

 

The group, known as Phosphorus (or APT35), sent spoofed emails masquerading as organizers of the Munich Security Conference, one of the main global security and policy conferences attended by heads of state, and the Think 20 Summit in Saudi Arabia, scheduled for later this month. Microsoft said the spoofed emails were sent to former government officials, academics and policy makers to steal passwords and other sensitive data, like email inboxes.

 

Microsoft did not comment, when asked, what the goal of the operation was, but the company’s customer security and trust chief Tom Burt said the attacks were carried out for “intelligence collection purposes.”

 

“The attacks were successful in compromising several victims, including former ambassadors and other senior policy experts who help shape global agendas and foreign policies in their respective countries,” said Burt. “We’ve already worked with conference organizers who have and will continue to warn their attendees, and we’re disclosing what we’ve seen so that everyone can remain vigilant to this approach being used in connection with other conferences or events.”

 

Microsoft said the attackers would write emails written in “perfect English” to their target requesting an invitation to the conference. After the target accepted the invitation, the attackers would try to trick the victim into entering their email password on a fake login page. The attackers then later log in to the mailbox to steal the victim’s emails and contacts.

 

The group’s previous hacking campaigns have also tried to steal passwords from high-profile victims.

 

Iran’s consulate in New York could not be reached for comment as its website was down.

 

Read more at: Tech Crunch

 

Iran Briefing | News Press Focus on Human Rights Violation by IRGC, Iran Human Rights

Latest news
Related news