Categories: US

Facebook said Iran-based hackers used the site to target US military personnel

Facebook said on Thursday it has dropped around 200 accounts run by a group of hackers in Iran as part of the meat-cyber operation that targets most US military personnel and people to work in defense and aerospace companies.
The social media giant said the group was nicknamed ‘Tortoiseshell’ by security experts, using fake online persona to connect with the target, building trust sometimes for several months and pushed it to other sites where they were cheated to click on the evil link that would infect the device They spy on malware.
“This activity has the advantage of good and persistent resource operations, while relying on relatively strong operational security measures to hide who is behind it,” said the Facebook investigation team in a blog post.
Group, Facebook said, made a fictitious profile on various social media platforms to appear more credible, often disguised as a recruiter or aerospace and defense company employees.
LinkedIn belongs to Microsoft said it has removed a number of accounts and Twitter said it was “actively investigating” information in Facebook’s report.
Facebook says the group uses email services, messaging and collaboration to distribute malware, including through a malicious Microsoft Excel spreadsheet.
A spokesman Microsoft said in a statement to realize it and trace this actor and take action when detecting evil activities.
Alphabet Inc.
said it had detected and blocked phishing on Gmail and issued a warning to its users.
The Workplace Messaging Slack Technologies Inc.
application said it had acted to record hackers that use sites for social engineering and close all workspaces that violate the rules.
The hackers also use a customized domain to attract its target, Facebook said, including fake recruiting websites for defense companies, and arranging online infrastructure which cheats a legitimate job search for the US Department of Labor.
Facebook says the hackers are mostly targeting people in the United States, and some in the UK and Europe.
Facebook refuses to name the company whose employees are targeted but say it tells the targeted individual.
This campaign seems to show expansion of group activities, which have previously been reported concentrating mostly in the IT industry and others in the Middle East, Facebook said.
The investigation found that some of the malware used by the group was developed by Mahak Rayan Afraz (MRA), an IT company based in Tehran with a bond with an Islamic revolutionary guard corps.
Reuters cannot immediately find contact information for Mahak Rayan Afraz and former company employees do not immediately return messages sent via LinkedIn.
Iran’s mission to the United Nations in New York did not immediately respond to a request for comments.

news2in

Share
Published by
news2in

Recent Posts

44 ordered to attack the procession

Ludhiana: The police have submitted FIR to four identified and at least 40 unknown attackers…

3 years ago

Punjab: Police Reject conspiracy theory in the case of Deep Sidhu

Sonīpat / Ludhiana / Ambala: Actor Punjabi - Activist Activist Deep Sidhu, who died in…

3 years ago

Punjab: Hidden Strength Working Behind PM Narendra Modi, Arvind Kejriwal, said Rahul Gandhi

PATIALA / MANSA / BARNALA: Attacking Prime Minister Narendra Modi and AAP National Convener Kejriawal,…

3 years ago

BJP made AAP to endanger the Congress, said Ajay

Jalandhar: BJP and AAM AAM AADMI parties are one party, Secretary General of the Ajay…

3 years ago

Our job is to make Punjab No. 1 State: Meenakshi Lekhi

Ludhiana: Minister of Union Culture Meenakshi Lekhi while campaigning to support the BJP candidate from…

3 years ago

Feb 20 is an opportunity to change the destiny of Punjab and his children: Bhagwant Mann

Machhiwara (Ludhiana): AAM AAM AADMI Party (AAP) Head of Punjab Candidate and Members of Parliament…

3 years ago