An Iran-backed hacker used a phony Zoom call to try to swipe a crucial password from a U.S. target. Instead, he got caught failing on tape. Rolling Stone has the footage.
. And they’re part of a broader Iranian hacking effort that has recently prompted a diplomatic feud with Albania and promises of retaliatory actions from the Biden administration.
This week, the government of Albania cut diplomatic ties with Iran after the revelation that Iranian hackers were responsible for a July 15 cyberattack on the Albanian government which destroyed data and cut off critical public services. The Biden administration also pledged that it “will take further action to hold Iran accountable for actions that threaten the security of a U.S. ally and set a troubling precedent for cyberspace,” following Albania’s announcement.
In the incidents documented by CERTFA’s most recent report, Iranian hackers posed as Washington, DC think tankers, including Paul Salem, the president of the Middle East Institute, and Hagar Hajjar Chemali, a sanctions scholar at the Atlantic Council.
The hackers posing as Chemali were successful in taking over the account of an unidentified minority rights activist and used the account to send more malicious meeting links to the activist’s followers. CERTFA researchers also believe that hackers affiliated with Charming Kitten are likely behind a Twitter account purporting to be a human rights activist.
And there are signs that there may be other victims out there. The link first dropped in the Zoom chat by the fake French biologist appears to have been used to target victims based in France. The servers hosted fake websites impersonating the French embassy in Iran and France24, a state-owned French news network which broasts in French, English, and Arabic.