Advertisement

US officials reportedly duped into friending Iranian spies on social networks

A fair few government officials will be poring over their personal LinkedIn, Facebook and Twitter accounts today, following a warning about an elaborate hacking campaign that appears to stem from Iran. According to iSIGHT Partners, Iranian hackers have spent the last three years creating a fake news outlet -- Newsonair.org -- and then posing as journalists to give the website an air of credibility (even though all its content was simply plagiarized from elsewhere on the web). Over time, these impostors are alleged to have linked, friended and followed US military, diplomatic and congressional personnel who were attracted to Newsonair's stories. Once a basic connection had been established via a social network, the cyber-spy would then share another interesting-looking story with their target, but this time the shared link would be a so-called spear-phishing site designed to steal login credentials.

The US has repeatedly complained of high-level hacking from both Iran and China, but this particular espionage ring looks to be unusually broad, also targeting journalists (real ones, that is), defense contractors, outspoken supporters of Israel, and also people in the UK, Iraq and Saudi Arabia. In total, around 2,000 individuals have been affected to some degree, according to iSIGHT Partners, although that doesn't necessarily mean all those people have been hacked: They may simply have become "connected to false personas." Meanwhile, Newsonair is still very much alive, pirating content from AFP, Reuters and other sources and spuriously asking you to submit your email address in order to subscribe to its RSS feed. (In other words, if you choose to visit it, be careful.)