29 Jul Researchers Warn Users of Cyber Threats Via Social Media Funded by Iran
According to a report last Friday, SecureWorks cybersecurity researchers discovered that Iran is supporting attackers to use social media platforms like LinkedIn and Facebook to conduct cyber espionage, steal information, and control web actions of unsuspecting victims.
For instance, fake LinkedIn account Mia Ash has more than 500 contacts with a profile stolen from an actual U.S. photographer. A victim would get a message from her via LinkedIn, then on Facebook, and eventually targets the victim’s email.
The phishing email contains fake job offers or notifications to change a social media password together with malicious links. When the victim opens it, a Trojan malware called PupyRAT will be installed into the computer, enabling the attacker to gain access of the OS.
To date, the operation zeros in on members of organizations in financial sectors, technology firms, and the oil industry in North Africa, Middle East, and the U.S.
Source: ZD Net