The cyber war has begun…
The U.S. and their allies have begun cyber strikes against the Iranians and its government. However, Iran isn’t going down without a fight. Considering a large hacking group originates from Iran, the Department of Homeland Security issued a public warning regarding an increase in Iranian hackers targeting public entities. Today, those concerns have come to fruition.
Security researchers have confirmed the Iranian hacking group, APT34, has begun targeting U.S. corporations, and are going about it in a very strategic way.
Hackers Use Social Media To Spread Malware
APT34 is targeting LinkedIn users, specifically those who are employed in the financial, energy and government sectors. Hackers are sending fraudulent “connection” invitations riddled with malicious attachments. From there, if the user downloads them, they open up a backdoor for hackers to gather and steal user credentials and data. This may not be too alarming from a business perspective considering the group is targeting individuals on a social network. However, this can come back on the employer in two ways.
First, users identify where they work on the LinkedIn platform. If they were to download malicious attachments, hackers would have the ability to gain user credentials. Considering those data points are often used across personal and professional systems, the hackers could then conduct a cyber attack on that business using stolen credentials. It only gets worse if the users are checking social media accounts on company networks. If they were to do this, the hackers then have a backdoor to the company network.
According to Forbes, one of the fraudulent invitations comes from “Rebecca Watts” claiming to be a Cambridge University researcher. If you receive this invitation, delete the request immediately. Additionally, users should proceed with caution when accepting invitations from parties they do not know. It is best if you do not know the person, to disregard the invitation.
Stay safe out there!