Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks


January 17, 2024 at 01:30PM

Microsoft has uncovered a sophisticated spear-phishing campaign by the ‘Mint Sandstorm’ hackers, associated with Iran’s military intelligence. The attacks target high-profile individuals in Middle Eastern affairs, using impersonation of journalists and benign emails to build trust before delivering malicious content. The hackers utilize compromised accounts to send phishing lures and employ elaborate tactics to deceive targets.

After reviewing the article, the key takeaways are:

– A sophisticated APT group, known as ‘Mint Sandstorm,’ with links to Iran’s military intelligence, has been conducting spear-phishing attacks against high-profile individuals involved in Middle Eastern affairs at universities and research organizations in several countries.

– The APT group uses highly bespoke phishing lures and impersonates known individuals, including journalists, to establish trust with targets before delivering malicious content.

– They have tricked targets into downloading malicious files by opening with a benign email message, then following up with a link to a malicious domain whose pages host a double-extension file; when opened, that file runs a curl command to retrieve further malicious files from attacker-controlled subdomains.

– Microsoft’s researchers have documented the APT group’s resource-intensive social engineering campaigns and cautioned about the group’s patient and highly skilled social engineering tactics, which lack many of the hallmarks that typically identify phishing emails.

– The APT group has been using legitimate but compromised accounts to send phishing lures and has been successful in targeting individuals with insights or perspective on security and policy issues of interest to Tehran.

Overall, the APT group’s tactics involve an advanced level of social engineering, impersonation of known individuals, and the use of benign initial messages to establish rapport and trust with targets before delivering malicious content. This poses a significant threat to high-profile individuals working on Middle Eastern affairs across multiple countries.
