Microsoft says Iranian hackers targeted ‘high profile’ conference attendees

WHAT'S YOUR QUESTION?

Microsoft says Iranian hackers targeted ‘high profile’ conference attendees

By Comments(0) Upvotes(0) Downvotes(0) 77 Views
Flying Eze
Flying Eze logo

Microsoft says hackers backed by the Iranian government targeted over 100 high-profile potential attendees of two international security and policy conferences.

The group, known as Phosphorus (or APT35), sent spoofed emails masquerading as organizers of the Munich Security Conference, one of the main global security and policy conferences attended by heads of state, and the Think 20 Summit in Saudi Arabia, scheduled for later this month. Microsoft said the spoofed emails were sent to former government officials, academics and policy makers to steal passwords and other sensitive data, like email inboxes.

Microsoft says Iranian hackers targeted a 2020 presidential candidate

Microsoft did not comment, when asked, what the goal of the operation was, but the company’s customer security and trust chief Tom Burt said the attacks were carried out for “intelligence collection purposes.”

“The attacks were successful in compromising several victims, including former ambassadors and other senior policy experts who help shape global agendas and foreign policies in their respective countries,” said Burt. “We’ve already worked with conference organizers who have and will continue to warn their attendees, and we’re disclosing what we’ve seen so that everyone can remain vigilant to this approach being used in connection with other conferences or events.”

Microsoft said the attackers would write emails written in “perfect English” to their target requesting an invitation to the conference. After the target accepted the invitation, the attackers would try to trick the victim into entering their email password on a fake login page. The attackers then later log in to the mailbox to steal the victim’s emails and contacts.

The group’s previous hacking campaigns have also tried to steal passwords from high-profile victims.

Iran’s consulate in New York could not be reached for comment as its website was down.

Phosphorus is known to target high-profile individuals, like politicians and presidential hopefuls. But Microsoft said that this latest attack was not related to the upcoming U.S. presidential election.

Last year, Microsoft said it had notified more than 10,000 victims of state-sponsored hacking, including Phosphorus and another Iran-backed group, Holmium, also known as APT 33. In March, the tech giant secured a court order to take control of domains used by Phosphorus, which were used to steal credentials using fake Google and Yahoo login pages.

An earlier version of this story incorrectly said Microsoft had stopped over 10,000 victims of state-sponsored hacking, when it had notified those victims. 

Google says Iranian, Chinese hackers targeted Trump, Biden campaigns


Vote: Upvotes(0) Downvotes(0)

Email Newsletter

Leave a Comment

Your email address will not be published. Required fields are marked*

Related Post

The deplatforming of a president image
Flying Eze
Flying Eze logo

After years of placid admonishments, the tech world came out in force against President Trump this past week following the violent assault of the U.S. Capitol building in Washington D.C. on Wednesday. From Twitter to PayPal, more than a dozen compani...


Facebook extends its temporary ban on political ads for another month image
Flying Eze
Flying Eze logo

The election is settled, but the nation is far from it. Before Election Day in the U.S., Facebook hit pause on all political and social issue ads. At the time, the company made it clear that the precautionary measure designed to turn off one potentia...