Iran link to social media spying on military leaders

Facebook logo Facebook said it shut down fake accounts used to target key personnel

Related Stories

Fake social media accounts have been used by Iranian hackers to spy on senior military and political staff worldwide, a report suggests.

The accounts aided a four-year campaign that aimed to befriend targets, said computer security firm iSight Partners.

Accounts were used to make it appear that bogus identities set up by the spies were real people.

iSight said it was the most elaborate net-based spying campaign using social media it had ever seen.

Stealth campaign

US Navy admirals, politicians, ambassadors and lobbyists, as well as senior government and military figures from the UK, Saudi Arabia, Syria, Iraq and Afghanistan, were all targeted, said iSight.

"If it's been going on for so long, clearly they have had success," said Tiffany Jones, a spokeswoman for iSight, told Reuters.

In total, said the report, fake personas for 14 people were created and maintained on a variety of social media sites, including Facebook, Twitter, LinkedIn, Google+, YouTube and Blogger. The bogus identities were for staff who supposedly worked for a fictitious news agency as well as defence workers, an accountant and a naval IT administrator.

Friends, relatives, workmates and acquaintances of targets were initially contacted via social media to establish ties that were later used to lend more credibility to requests to connect to the true targets of the campaign.

About 2,000 people were used to establish these lower-level ties, which were used to go after a smaller group of about 200 higher-profile individuals.

Alerted the FBI

Initially links free of malware were shared through the connections set up on social media. Later, links to sites seeded with malware were used to attempt to catch out victims and gain access to useful data.

"This campaign is not loud. It is low and slow," said Ms Jones. "They want to be stealth. They want to be under the radar."

Evidence gathered during the investigation pointed the finger squarely at Iran, iSight said in its report, but it did not know whether the campaign was state-sponsored or carried out by a third party.

iSight said it had contacted many of the people targeted by the campaign and had alerted the FBI and law enforcement agencies.

Facebook said it independently spotted the fake accounts as part of its regular site-wide sweeps for bogus users. LinkedIn said it was investigating but noted that none of the fake 14 accounts were currently active. Twitter did not comment.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories


Features & Analysis

  • BeefaloBeefalo hunt

    The hybrid animal causing havoc in the Grand Canyon

  • Actor Jackie Chan gestures as he stands on the set of his new movie 'Around the World in 80 Days' on 6 May, 2003 in Berlin, GermanyDuang duang duang

    How a new word 'broke the Chinese internet'

  • Sound of Music PosterFar from a flop

    Even Sound of Music film crew surprised by success

  • Don Roberto Placa Quiet Don

    The world's worst interview - with one of the loneliest men on Earth

BBC Future

(US Navy)

The world’s noisiest spy plane

The Soviet giant that still soldiers on


  • 3D model of Christ the Redeemer statueClick Watch

    Using drones to 3D map the famous Brazilian landmark Christ the Redeemer

Try our new site and tell us what you think. Learn more
Take me there

Copyright © 2015 BBC. The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.