Iran link to social media spying on military leaders
- 29 May 2014
- From the section Technology
Fake social media accounts have been used by Iranian hackers to spy on senior military and political staff worldwide, a report suggests.
The accounts aided a four-year campaign that aimed to befriend targets, said computer security firm iSight Partners.
Accounts were used to make it appear that bogus identities set up by the spies were real people.
iSight said it was the most elaborate net-based spying campaign using social media it had ever seen.
US Navy admirals, politicians, ambassadors and lobbyists, as well as senior government and military figures from the UK, Saudi Arabia, Syria, Iraq and Afghanistan, were all targeted, said iSight.
"If it's been going on for so long, clearly they have had success," said Tiffany Jones, a spokeswoman for iSight, told Reuters.
In total, said the report, fake personas for 14 people were created and maintained on a variety of social media sites, including Facebook, Twitter, LinkedIn, Google+, YouTube and Blogger. The bogus identities were for staff who supposedly worked for a fictitious news agency as well as defence workers, an accountant and a naval IT administrator.
Friends, relatives, workmates and acquaintances of targets were initially contacted via social media to establish ties that were later used to lend more credibility to requests to connect to the true targets of the campaign.
About 2,000 people were used to establish these lower-level ties, which were used to go after a smaller group of about 200 higher-profile individuals.
Alerted the FBI
Initially links free of malware were shared through the connections set up on social media. Later, links to sites seeded with malware were used to attempt to catch out victims and gain access to useful data.
"This campaign is not loud. It is low and slow," said Ms Jones. "They want to be stealth. They want to be under the radar."
Evidence gathered during the investigation pointed the finger squarely at Iran, iSight said in its report, but it did not know whether the campaign was state-sponsored or carried out by a third party.
iSight said it had contacted many of the people targeted by the campaign and had alerted the FBI and law enforcement agencies.
Facebook said it independently spotted the fake accounts as part of its regular site-wide sweeps for bogus users. LinkedIn said it was investigating but noted that none of the fake 14 accounts were currently active. Twitter did not comment.