Middle East

Iranian hackers 'used Facebook to spy on US'

Operatives set up fake personas and befriended US and Western officials, according to internet security firm.

Last updated: 29 May 2014 08:39
Email Article
Print Article
Share article
Send Feedback
The hackers created fake Facebook profiles to gain their targets' trust [AP]

Iranian hackers set up fake Facebook accounts and tried to befriend US and Western officials in an effort to spy on them, an internet security firm has said.

The hackers created fake personas and populated their profiles with fictitious personal content, and then tried to befriend targets, the Reuters news agency reported.

Targets are believed to include a US navy admiral, politicians, ambassadors, lobbyists and officials from several other countries including the UK and Saudi Arabia, according to the internet firm, iSight Partners.

ISight declined to identify the victims and said it could not say what data had been stolen. "If it's been going on for so long, clearly they have had success," said Tiffany Jones, a company executive. 

The firm said Iranian hackers created six online personas, who appeared to work for a website, newsonair.org, and another eight who purported to work for defence contractors and other organisations.

The operation has been active since at least 2011 and is thought to be the most elaborate cyber espionage campaign using "social engineering" uncovered to date, iSight said.

To build credibility, the hackers would approach high-value targets by first establishing ties with friends of the target, classmates, colleagues, relatives and other connections over social networks run by Facebook, Google, LinkedIn and Twitter.

Then they would send links that infected PCs with malicious software, or direct targets to web portals that ask for network log-in credentials. 

The firm said hackers made connections with more than 2,000 people, adding that it believed the group ultimately targeted several hundred individuals in a "low and slow" campaign.

A spokesman for Facebook said it had discovered the hacking group and had removed the accounts.

LinkedIn said the site was investigating the report, though none of the 14 fake profiles uncovered by iSight were currently active. 

ISight said it did not know if the hackers were tied to the government in Tehran, though it believed they were supported by a nation state because of the complexity of the operation.

The firm said newsonair.org was registered in Tehran and probably hosted by an Iranian provider.

Among the 14 false personas were reporters for newsonair, including one with the same name as a Reuters journalist in Washington; six employees who purportedly worked for defence contractors; a systems administrator with the US navy, and an accountant working for a payment processor. 


Email Article
Print Article
Share article
Send Feedback
Topics in this article
Featured on Al Jazeera
As Western stars re-release 1980s charity hit, many Africans say it's a demeaning relic that can do more harm than good.
At least 25 tax collectors have been killed since 2012 in Mogadishu, a city awash in weapons and abject poverty.
Tokyo government claims its homeless population has hit a record low, but analysts - and the homeless - beg to differ.
3D printers can cheaply construct homes and could soon be deployed to help victims of catastrophe rebuild their lives.
Pro-Russia leaders' election in Ukraine's east shows bloody conflict is far from a peaceful resolution.
Critics challenge Canberra's move to refuse visas for West Africans in Ebola-besieged countries.
A key issue for Hispanics is the estimated 11.3 million immigrants in the US without papers who face deportation.
In 1970, only two mosques existed in the country, but now more than 200 offer sanctuary to Japan's Muslims.
Hundreds of the country's reporters eke out a living by finding news - then burying it for a price.