Microsoft Report: Iranian Hackers Target Middle East Experts
According to a recent Microsoft report, a group of Iranian hackers has been actively targeting high-profile experts in Middle Eastern affairs. These attacks have been directed at individuals associated with universities and research organizations across various countries, including the US, UK, Belgium, France, Israel, and Gaza.
Phishing Campaigns and Techniques
The hackers, identified as a subset of a group called Mint Sandstorm, have been employing sophisticated phishing schemes since November. These schemes involve sending deceptive links or forms, tricking targets into divulging sensitive personal information like passwords and credit card numbers. In their recent campaign, Mint Sandstorm utilized custom-made phishing lures to entice victims into downloading malicious files. Microsoft’s report highlighted the use of a new custom backdoor named “MediaPl” in some of these attacks.
Targets and Motives
The primary targets of these Iranian hackers are journalists, researchers, professors, and others with insights into security and policy issues pertinent to Tehran. The report suggests that these individuals are sought after for their potential influence on intelligence and policy communities. Microsoft’s findings indicate that the campaign might be aimed at gathering perspectives on events related to the Israel-Hamas war from a broad ideological spectrum.
Past Cyberattacks Linked to Iran
The report also references previous cyberattacks attributed to groups linked to the Islamic Republic of Iran and the Islamic Revolutionary Guard Corps (IRGC). These attacks have historically targeted Israeli individuals and organizations, among others. Notable incidents include a cyberattack on the Ziv Medical Center in Safed by Iran and Lebanon-based Hezbollah, leading to unauthorized access to sensitive patient information.
In another instance, Iranian hackers targeted users of job search websites in Israel with phishing messages containing malicious links designed to capture login information and potentially activate the device’s camera.
Increasing Cyber Threats in Israel
The Microsoft report’s findings corroborate with data from an Israel-based cybersecurity firm, Check Point, which reported an 18% increase in cyberattacks in Israel in October following the Hamas attacks on October 7th. According to Check Point, 52% of these attacks were directed at government systems, underscoring the rising threat of cyber espionage and cyber warfare in the region.
Conclusion
This latest report from Microsoft sheds light on the ongoing cyber warfare tactics employed by Iranian hackers, highlighting the need for heightened cybersecurity measures and awareness among targeted groups and individuals, especially those with valuable insights into Middle Eastern affairs.