Friend
Professional
- Messages
- 2,653
- Reaction score
- 851
- Points
- 113
When applying for a job, carefully study the employer - perhaps you are at gunpoint.
The Iranian army is using cyber operations to identify individuals suspected of collaborating with the country's adversaries.
Mandiant has uncovered a network of fake websites and social media accounts through which Iran collects information about its citizens and domestic threats. The campaigns are aimed at identifying people who may cooperate with foreign intelligence and security agencies, especially Israel.
The data collected is used to uncover intelligence-gathering operations against Iran and to prosecute Iranians suspected of participating in such operations. Mandiant experts noted that the campaign involved methods and goals specific to the Iranian government, and that the operation was not related to the recent attacks on the US elections.
Iran's campaign outline
The new campaign uncovered more than 40 fake websites in Farsi and Arabic offering jobs in Israel. Website visitors were asked to enter personal data. Fake accounts were also found on X, Telegram, YouTube and the Iranian platform Virasty, promoting recruiting companies with vacancies in the fields of IT, cybersecurity and personnel management. The campaign began back in 2017 and lasted until March 2024. Similar operations were carried out on behalf of proxy groups in Syria and Lebanon.
Both desktop and mobile versions of fake sites were found that mimicked resources belonging to Israeli companies. Some sites were specifically aimed at recruiting the Syrian military and intelligence services and the Lebanese group Hezbollah.
Desktop and mobile versions of recruitment sites with a contact form
On one of the discovered YouTube channels, a video was posted offering employment services and indicating an email address for sending data. Researchers warn that the campaign's target groups could include dissidents, activists, human rights defenders and Farsi speakers living both inside and outside Iran. The collected data, such as addresses, contact details and professional experience, can be used in future operations against the targets.
Source
The Iranian army is using cyber operations to identify individuals suspected of collaborating with the country's adversaries.
Mandiant has uncovered a network of fake websites and social media accounts through which Iran collects information about its citizens and domestic threats. The campaigns are aimed at identifying people who may cooperate with foreign intelligence and security agencies, especially Israel.
The data collected is used to uncover intelligence-gathering operations against Iran and to prosecute Iranians suspected of participating in such operations. Mandiant experts noted that the campaign involved methods and goals specific to the Iranian government, and that the operation was not related to the recent attacks on the US elections.
Iran's campaign outline
The new campaign uncovered more than 40 fake websites in Farsi and Arabic offering jobs in Israel. Website visitors were asked to enter personal data. Fake accounts were also found on X, Telegram, YouTube and the Iranian platform Virasty, promoting recruiting companies with vacancies in the fields of IT, cybersecurity and personnel management. The campaign began back in 2017 and lasted until March 2024. Similar operations were carried out on behalf of proxy groups in Syria and Lebanon.
Both desktop and mobile versions of fake sites were found that mimicked resources belonging to Israeli companies. Some sites were specifically aimed at recruiting the Syrian military and intelligence services and the Lebanese group Hezbollah.
Desktop and mobile versions of recruitment sites with a contact form
On one of the discovered YouTube channels, a video was posted offering employment services and indicating an email address for sending data. Researchers warn that the campaign's target groups could include dissidents, activists, human rights defenders and Farsi speakers living both inside and outside Iran. The collected data, such as addresses, contact details and professional experience, can be used in future operations against the targets.
Source
