A British warning against Russian and Iranian hackers impersonating journalists to hack accounts
Thursday – 4 Rajab 1444 AH – January 26, 2023 AD
These hackers have similar goals, but they work separately (Reuters)-
London: «Asharq Al-Awsat»-
British cybersecurity officials have warned that hacking groups linked to Russia and Iran are tricking people into clicking on malicious links by impersonating journalists and experts.
According to the “Bloomberg” news agency, the UK’s National Cyber Security Center, affiliated with the British government, said today (Thursday) that these hackers, who have similar goals but operate separately, sought to steal emails belonging to workers in academia and defense. media and government, as well as from activists and NGOs. The center pointed out that hackers impersonate journalists, conference hosts and experts in various fields, warning against clicking on any unreliable links.
Both groups have been active for several years, but it is understood that they have recently intensified their activities in the United Kingdom as the war in Ukraine continues, as well as in the United States and other NATO countries, according to the center, which noted that the hackers “aimed to steal some secrets or leak correspondence over the Internet to embarrass Eminent personalities, not to steal money ».
“Threat actors, based in Russia and Iran, continue to ruthlessly pursue their targets in an attempt to steal data from the Internet and compromise potentially sensitive systems,” said Paul Chichester, the center’s director of operations.
He added, “Hackers usually seek to gain the trust of the target by impersonating a person with whom they are likely to communicate, such as a journalist, and eventually luring them into clicking on a malicious link that takes them to a web page, where they will be asked to enter their password. At this point, their email is easily hacked.”
Although this method is one of the oldest hacking techniques, what sets the two groups apart is the effort to deceive their targets, including creating “fake social media or network profiles impersonating respected experts” and offering invitations to non-existent conferences supposedly relevant to their targets. according to the center.
The center noted that in one case, an Iranian group, code-named Charming Kitten, held a fake meeting with its target and shared the malicious link in a chat bar during the phone call.
It is believed that the two groups are directed by the Russian or Iranian governments, and are involved in what is described as “electronic espionage” activities, but the British Center has not officially blamed the two countries.