British cybersecurity officials are warning that hacking groups linked to Russia and Iran are duping people into clicking malicious links by impersonating journalists and experts.
The hackers, who have similar goals but are said to be working separately, have sought to steal emails from people working in academia, defense, the media and government, as well as from activists and non-governmental organizations, according to an advisory released on Thursday by the UK’s National Cyber Security Centre.
For the latest headlines, follow our Google News channel online or via the app.
“These campaigns by threat actors based in Russia and Iran continue to ruthlessly pursue their targets in an attempt to steal online credentials and compromise potentially sensitive systems,” said Paul Chichester, the center’s director of operations. “We strongly encourage organizations and individuals to remain vigilant to potential approaches and follow the mitigation advice in the advisory to protect themselves online.”
The Russian hackers, known as “Seaborgium” or “Cold River,” were linked by researchers from Alphabet Inc.’s Google in May to a website that had published private emails from the former head of the UK’s MI6 intelligence agency. The group also last year targeted scientists at three nuclear research laboratories in the US, according to Reuters.
The Iranian hackers, also sometimes called “TA453” or “Charming Kitten,” have previously been observed targeting officials at the World Health Organization and scholars who specialize in Middle Eastern issues.
The hackers study their targets’ interests and identify their real-world social or professional contacts, according to the UK’s cyber security center. They have also created fake social media or networking profiles and tricked their victims by sending supposed conference or event invitations, according to the center.
US company T-Mobile says data of 37 million customers hacked
Russian hacking team ‘Cold River’ targeted US nuclear scientists
FBI says N. Korea-related hacker groups behind US crypto firm heist