Popular Posts Last 7 days_$type=three$meta=0$snip=0$rm=0$count=9$show=/search/label/Popular

Popular Posts Last 30 days_$type=three$meta=0$snip=0$rm=0$count=9$show=/search/label/Popular

Popular Posts Last year_$type=three$meta=0$snip=0$rm=0$count=9$show=/search/label/Popular

Popular Posts All time_$type=three$meta=0$snip=0$rm=0$count=9$show=/search/label/Popular

Islamophobia_$type=carousel$h=350$show=/search/label/Muslim%20World

Saudi Arabia$type=two$count=2$h=250$space=1$icon=1$m=0$sn=0$rm=0$show=/search/label/Muslim%20World

Iran_$type=three$count=3$h=250$space=1$icon=1$m=0$sn=0$rm=0$show=/search/label/Muslim%20World

Palestine$type=three$author=hide$comment=hide$rm=hide$date=hide$show=/search/label/Muslim%20World

Iranian hackers used female 'honey pot' to lure targets: researchers

SHARE:

LAS VEGAS -  Hackers believed to be working for the Iranian government have impersonated a young female photographer on social media for more than a year, luring men working in industries strategically important to Tehran’s regional adversaries, according to research published Thursday.

The so-called Mia Ash persona has been active on sites including LinkedIn, Facebook Inc, WhatsApp and Blogger since at least April of last year, researchers at Dell SecureWorks said.

The campaign showed Iran engaged in a social engineering plot to ensnare its targets with a “honey pot”, a classic espionage trap often involving seduction, more commonly used by criminal hackers.

Dell SecureWorks observed Mia Ash sending specific malware, concealed as a “photography survey” with an attachment, to a victim that matched malware sent by Iranian hacking group Cobalt Gypsy during an unsuccessful “spearphishing” email attempt to the same victim’s employer in January.

The malware, known as PupyRAT, would give an attacker complete control of a compromised computer and access to network credentials, suggesting government espionage. The researchers did not have visibility into how many targets were compromised or what Mia Ash sought to gain with the access.

The fake profile used publicly available social media images of a real photographer based in eastern Europe to create an identity of an attractive woman in her mid-twenties who lived in London and enjoyed travel, soccer, and popular musicians including Ed Sheeran and Ellie Goulding, Dell SecureWorks said. Her social media biographies appeared to lift details from a New York photographer’s LinkedIn profile.

Dell SecureWorks said it had high confidence Mia Ash was created and operated by the Iranian hacking group known as Cobalt Gypsy.

Iranian officials did not immediately respond to requests for comment.

Mia Ash primarily lured middle-aged men who worked as technicians and engineers at oil and gas, aerospace and telecommunications firms in the Middle East that had been previously targeted by the same group. Those include Saudi Arabia and Israel in addition to India and the United States.

Mia Ash’s victims failed to notice that none of her profiles included a way to contact her for photography services, according to Allison Wikoff, a senior security researcher at Dell SecureWorks who tracked Mia Ash’s activity.

“These guys aren’t hiring her for photography,” Wikoff said. “Their main thing is, ‘Wow, she’s young, she’s cute, she likes to travel, she’s whimsical’.”

LinkedIn removed the fake Mia Ash profile before Dell SecureWorks finished its research, Wikoff said.

Facebook, where Mia Ash listed her relationship status as “it’s complicated,” took down the profile last week after being contacted by Dell SecureWorks.

Cobalt Gypsy, also known as OilRig, has been previously accused of operating a network of fake LinkedIn profiles to pose as recruiters at major companies, including Northrop Grumman Corp and General Motors Co, but the Mia Ash persona showed an elevated level of persistence, Wikoff said.

Western security officials for years have considered Iran to be among the most sophisticated nation-state cyber adversaries, along with Russia, China and North Korea.

Another report released this week by researchers at Tokyo-based Trend Micro and ClearSky of Israel described efforts to impersonate major technology brands including Twitter Inc and Microsoft Corp by another hacking group widely suspected of having links to Iran.

COMMENTS

Name

Ads,5,Afghanistan,69,Africa,17,Americas,4,Animals,36,Asia,186,Australia,9,Austria,3,Bahrain,2,Bangladesh,16,Barcelona,1,Belgium,3,Brunei,1,Business,1240,Canada,2,Catalan,80,China,112,Cuba,3,Egypt,21,Europe,207,Fitness,14,France,22,Germany,33,Headlines,11,Health,168,Hillary Clinton,199,Hong Kong,1,Hungary,1,Iceland,1,India,100,Indonesia,8,International,75,Iran,75,Iraq,72,Ireland,2,Islamophobia,19,Israel,8,Italy,2,Japan,26,Jordan,1,Kenya,5,Kosovo,1,Kuwait,3,Lebanon,2,Libya,2,Lifestyle,302,Lithuania,1,Malaysia,12,Malta,1,Maxico,3,Middle East,111,Muslim World,572,Myanmar,32,Nawaz Sharif,5,Nepal,3,Netherlands,2,New Zealand,9,Niger,1,Nigeria,1,Nobel Prize,81,North Korea,49,Norway,1,Opinion,26,Pakistan,1021,Palestine,35,Philippine,11,Pics,66,Poland,2,Popular,1,Qatar,93,Rohingya,118,Russia,37,Rwanda,1,Saudi Arabia,80,Science,144,Serbia,2,Showbiz,347,Somalia,4,South Africa,1,South Korea,5,Spain,49,Sports,1289,Sudan,1,Sweden,1,Switzerland,2,Syria,104,Taiwan,2,Technology,437,Thailand,4,Today IN History,21,Top News,983,Tunisia,1,Turkey,73,U.S.,270,UAE,21,UK,46,Ukrain,2,Venezuela,4,Videos,75,Vietnam,2,World,4682,Yemen,21,
ltr
item
Muslim Global: Iranian hackers used female 'honey pot' to lure targets: researchers
Iranian hackers used female 'honey pot' to lure targets: researchers
https://4.bp.blogspot.com/-Zl4nJKar3Uo/WXrOSIvN_eI/AAAAAAAAbOs/qYdHG4In8SAqGgHcKsJpJPR4d8qVyu5pwCLcBGAs/s640/hacking.png
https://4.bp.blogspot.com/-Zl4nJKar3Uo/WXrOSIvN_eI/AAAAAAAAbOs/qYdHG4In8SAqGgHcKsJpJPR4d8qVyu5pwCLcBGAs/s72-c/hacking.png
Muslim Global
http://www.muslimglobal.com/2017/07/iranian-hackers-used-female-honey-pot.html
http://www.muslimglobal.com/
http://www.muslimglobal.com/
http://www.muslimglobal.com/2017/07/iranian-hackers-used-female-honey-pot.html
true
616431133175714168
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS CONTENT IS PREMIUM Please share to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy