Iranian hackers target US military formations, Defence companies

Reports from the United States indicate that sophisticated hackers from Iran have been targeting its military formations and defence companies in a bid to undermine its security.

US military intelligence reported on Friday that the hackers have been intensifying efforts to exploit US and Western targets in cyberspace, running a campaign aimed at manipulating American military personnel and defense companies.

A statement by the US military department said Tehran’s latest campaign, orchestrated on Facebook by a group known as Tortoiseshell, used a series of sophisticated, fake online personas to make contact with US service members and employees of major defense companies in order to infect their computers with malware and extract information.

“This activity had the hallmarks of a well-resourced and persistent operation, while relying on relatively strong operational security measures to hide who’s behind it.

“It is a much broader cross-platform cyber espionage operation.”

Employees of defense companies in the UK and other European countries were also targeted.

“These accounts often posed as recruiters and employees of defense and aerospace companies from the countries their targets were in.

“Other personas claimed to work in hospitality, medicine, journalism, NGOs and airlines.

“Our investigation found that this group invested significant time into their social engineering efforts across the internet, in some cases engaging with their targets for months.

“They leveraged various collaboration and messaging platforms to move conversations off-platform and send malware to their targets.”

Facebook has also released a statement, saying it has notified users who appeared to have been targeted, taken down the fake accounts and blocked the malicious domains from being shared.

The social media company said it was able to trace the activity to Iran, in part because of the distinctive malware, known to have been developed by Mahak Rayan Afraz, a Tehran-based company with links to Iran’s Islamic Revolutionary Guard Corps.

The US intelligence community, earlier this year, also accused Iran of meddling in the 2020 US presidential election, carrying out a “multi-pronged covert influence campaign intended to undercut former President Trump’s reelection prospects.”
