Iran-based hackers used fake personas on Facebook, Twitter, LinkedIn, Google+, YouTube and Blogger to fire up a cyber espionage campaign targeting U.S. and Israeli officials.
Security firm iSight Partners tracked the campaign to a group of Iranian hackers which it said gathered over 2,000 victims across the globe in an operation called “Newscaster.”
“This campaign, working undetected since 2011, targets senior U.S. military and diplomatic personnel, congressional personnel, Washington DC area journalists, U.S. think tanks, defense contractors in the U.S. and Israel, as well as others who are vocal supporters of Israel to covertly obtain log-in credentials to the email systems of their victims,” read the report.
The attacks targeted people with requests from fake online personas claiming to work in journalism, government and defense contracting.
“These credible personas connected, linked, followed and ‘friended’ target victims, giving them access to information on location, activities and relationships from updates and other common content,” iSight said in a blog post.
“Accounts were then targeted with ‘spear-phishing’ messages. Links which appeared to be legitimate asked recipients to log-in to false pages, thus capturing credential information.”
The security firm said it is currently unclear what data, if any,\ ended up stolen during the attacks.
“We are unable to say with complete visibility. However, it is reasonable to assume that a vast amount of social content was compromised in addition to some number of log-in credentials that can be used to access additional systems and information,” read the report.
“As users often maintain the same credentials for multiple sites, it is impossible to determine the scope, scale and duration of data loss,” the report said.