Iran-linked Threat Actor Targets T20 Summit Attendees

It has been reported that an Iranian threat actor has successfully compromised attendees of two global conferences – including ambassadors and senior policy experts –  in an effort to steal their email credentials. Microsoft linked the attack, which targeted more than 100 conference attendees, to Phosphorus, which it said is operating from Iran. The group – also known as APT 35, Charming Kitten, and Ajax Security Team – has been known to use phishing as an attack vector.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Sam Curry
Sam Curry , Chief Security Officer
InfoSec Expert
October 29, 2020 11:18 am

This breach is clearly a surgical strike against a targeted group of former government officials, policy experts and academics, and leaders. The million-dollar question is how much personal information have the hackers been able to obtain. There should be a cause for concern if the hackers have stolen private information from various nations working on foreign policy in their countries. The short and long-term issue for various leaders is how they go about securing private information. In the case of these influencers, they need to take digital security seriously, limit the number of people that have access to their email and social media accounts, and work with the security professionals within their governments or companies that know how to reduce risk and collateral damage.

Last edited 2 years ago by Sam Curry
1
0
Would love your thoughts, please comment.x
()
x