Iran Caught Targeting US Presidential Campaign Accounts

  /     /     /  
Publicated : 23/11/2024   Category : security


Iran Caught Targeting US Presidential Campaign Accounts


Microsoft detected the so-called Phosphorus nation-state gang attacking 241 user accounts associated with a US presidential campaign, current and former US government officials, journalists, others.



A well-known Iranian nation-state hacking team has targeted 241 user accounts connected to a US presidential campaign, as well as existing and former government officials, journalists, and Iranian nationals residing outside that nation, according to Microsoft, which discovered the attacks.
Between August and September, Microsofts Threat Intelligence Center spotted the so-called Phosphorus hacking group — aka APT 25, Charming Kitten, and Ajax Security Team — going after specific Microsoft customers. The group made more than 2,700 attempts to get those accounts, ultimately targeting 241 of them. They ultimately compromised four user accounts, none of which were associated with the US campaign or US government officials.
Microsoft has notified the customers related to these investigations and threats and has worked as requested with those whose accounts were compromised to secure them, said Tom Burt, corporate vice president of customer security and trust for Microsoft, in
a blog post
about the incident today.
The hackers spoofed password reset or account recovery alerts as a way to infiltrate the victim accounts. For example, they would seek access to a secondary email account linked to a users Microsoft account, then attempt to gain access to a users Microsoft account through verification sent to the secondary account. In some instances, they gathered phone numbers belonging to their targets and used them to assist in authenticating password resets, Burt explained.
Phosphorus has been a relatively active threat group. 
Microsoft in March took down
99 phishing and other malicious websites run by Phosphorus, and the group was
spotted in December 2018
 targeting email accounts of US Treasury members, defenders, detractors, Arab atomic scientists, Iranian civil society figures, DC think-tank employees, and officials charged with enforcing the former US-Iran nuclear deal.
Check out
The Edge
, Dark Readings new section for features, threat data, and in-depth perspectives. Todays top story:
Rethinking Cybersecurity Hiring: Dumping Resumes & Other Garbage
.

Last News

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security

▸ Criminal Possession of Government-Grade Stealth Malware ◂
Discovered: 23/12/2024
Category: security

▸ Senate wants changes to cybercrime law. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Iran Caught Targeting US Presidential Campaign Accounts