"Iranian Hackers Target High-Value Targets in Nuclear Security and Genomic Research"

As part of a new social engineering campaign seeking sensitive information, hackers linked to the Iranian government have targeted individuals specializing in Middle Eastern affairs, nuclear security, and genome research. The targeted attacks were attributed to the threat actor TA453, which broadly overlaps with cyber activities monitored under the names APT42, Charming Kitten, and Phosphorus. It begins with a phishing email impersonating legitimate individuals at Western foreign policy research organizations, with the goal of gathering intelligence for Iran's Islamic Revolutionary Guard Corps (IRGC). Personas spoofed in the campaign include those from the Pew Research Center, the Foreign Policy Research Institute (FRPI), Chatham House in the UK, and the scientific journal Nature. What distinguishes this phishing attack from others is the use of a technique called Multi-Persona Impersonation (MPI), in which the threat actor employs not one but several actor-controlled personas in the same email conversation to increase the likelihood of success. The idea is to use the psychology principle of social proof to increase the authenticity of the threat actor's message in order to persuade the target to buy into the scheme, a tactic that shows the adversary's ongoing ability to improve its tactics. This article continues to discuss the new social engineering campaign targeting individuals involved in nuclear security and genome research.

THN reports "Iranian Hackers Target High-Value Targets in Nuclear Security and Genomic Research"