An Iranian state-sponsored hacker group, known as Charming Kitten, has targeted victims around the world, including Israelis, to gather information about Iranian dissidents living both in the Islamic Republic and abroad, the Israel-based cybersecurity firm ClearSky said.
The Times of Israel reported on Tuesday that the Iranian cyber-espionage group used false identities, malicious code, and phishing attacks to trap victims into revealing personal information. Their targets received Twitter messages or emails from accounts registered with ostensibly Jewish-Israeli names. One hacker claimed to be a journalist at KNBC, another an Israeli political researcher in California, and a third an Iranian Jewish girl seeking help to leave the country.
According to ClearSky, the hackers focused on academic researchers, human rights activists, media outlets, and political advisers. They focused on targets residing in Iran, the US, Israel and the UK, but also targeted people in France, Germany, Switzerland, Denmark, India, Turkey and the United Arab Emirates. Among the Israeli victims were Iran researcher Tamar Eilam Gindin from the Shalom Center, Kan radio news editor Eran Cicurel, and movie producer Alon Gur Arye, Calcalist reported.
The purpose of the hacking attack was to obtain sensitive information about Iranian dissidents, ClearSky CEO Boaz Dolev, noted. “They want to know who the researchers are talking to,” he said, adding that “They want to know who in Iran is in contact with such people out of the country.”
This is not the first time that such allegations surfaced. In 2015, a report released by Canadian researchers from Voice of America, suggested that Iranian dissidents abroad, who are falling victim to sophisticated cyber-attacks, are likely being targeted by Iranian hackers affiliated with the Islamic Revolutionary Guard Corps (IRGC), which seek “to steal their email communications and contacts.”
Later that year, the same hacking group, known as Rocket Kitten, was crippled by raids carried out by police across Europe, after the Israeli-American cybersecurity firm Check Point informed them about the group’s malign activities.
[Photo: David Whelan / Flickr ]