Iran’s fictitious NewsOnAir.org spies on US officials

By  | 

Thousands of high-ranking US and international officials including a four-star U.S. Navy admiral, have been the victims have a 3 year cyber-espionage campaign by Iranian hackers, claims a new report.

Cyber intelligence firm iSight Partners has published a report on Tuesday revealing that a group of hackers allegedly from Iran have infiltrated at least 2,000 accounts by creating 14 fake personas working for a fake US news organizations with accounts on social networks like Facebook, Twitter, LinkedIn, Google+, YouTube, and Blogger.

The alleged campaign dubbed Newscaster, dating back to 2011 and is still under way, targeted US lawmakers and ambassadors, local journalists, members of the US-Israeli lobby, and personnel from Britain, Saudi Arabia, Syria, Iraq and Afghanistan. iSight refused to identify the victims, adding that the purpose of the hack to also be unclear.

“We infer, from our limited knowledge of NEWSCASTER targeting, that such intelligence could ultimately support the development of weapon systems, provide insight into the disposition of the U.S. military or the U.S. alliance with Israel, or impart an advantage in negotiations between Iran and the U.S., especially with regards to sanctions and proliferation issues,” wrote Stephen Ward, senior director of marketing at iSight, in a blog post.

The firm said that the group of hackers have created fake profiles across various social networking that were intended to look credible, by posting fictitious content and non-malicious links to videos and news articles on NewsOnAir.org, a fake news website that plagiarizes news from legitimate outlets like CNN and BBC.

The hackers then approached the friends of the target, sending friend requests, since the targets would more likely accept a request from people with friends in common. On establishing trust, the hackers would send links to malicious content, or re-directs to web portals that require network log-in credentials.

“In many ways, these operators have escaped the malware arms race in lieu of an alternative approach,” said John Hultquist, head of iSight cyber espionage intelligence. “Newscaster focuses on human factors and third-party platforms, weak spots for many of the most sophisticated enterprise defenses.”

The firm said that the hackers were seeking credentials to access government and corporate networks, as well as to infect machines with malicious software.

Iranian hackers have turned out to be among the top cybersecurity concerns in the past few years for many US military and intelligence officials. However, Iranian officials have clearly denied any role in the past hacking incidents.