The activity, according to a DoJ press release, "was part of Iran's continuing efforts to stoke discord, erode confidence in the US electoral process, and unlawfully acquire information relating to current and former US officials that could be used to advance the malign activities of the IRGC," including retribution for the death of Qasem Soleimani, the former commander of the IRGC-Qods Force.

The individuals (known as Masoud Jalili, 36; Seyyed Ali Aghamiri, 34; and Yaser Balaghi, 37) are accused of running a cyber campaign targeting the upcoming US presidential election, and conducting hacks against political campaigns, current and former US officials, nongovernmental organizations, and members of the media. The DoJ alleges the attackers focused on compromising accounts of former US government officials for several years before shifting their focus and targeting campaign officials in May, using their access to campaign accounts to steal information, non-public campaign documents, and emails. The attackers then broadened their operation, engaging in a "hack-and-leak" operation to weaponize stolen materials from a US presidential campaign in order to undermine certain candidates, according to the announcement.

"The actors often attempt to build rapport before soliciting victims to access a document via a hyperlink, which redirects victims to a false email account login page for the purpose of capturing credentials," the advisory stated. Potential targets include current and former senior government or political officials, journalists, activists, and lobbyists, among others, who have been hit with social engineering messages tailored to the individual.
This Cyber News was published on www.darkreading.com. Publication date: Mon, 30 Sep 2024 20:45:22 +0000