Middle East

Iranian hackers 'used Facebook to spy on US'

Operatives set up fake personas and befriended US and Western officials, according to internet security firm.

Last updated: 29 May 2014 08:39
Email Article
Print Article
Share article
Send Feedback
The hackers created fake Facebook profiles to gain their targets' trust [AP]

Iranian hackers set up fake Facebook accounts and tried to befriend US and Western officials in an effort to spy on them, an internet security firm has said.

The hackers created fake personas and populated their profiles with fictitious personal content, and then tried to befriend targets, the Reuters news agency reported.

Targets are believed to include a US navy admiral, politicians, ambassadors, lobbyists and officials from several other countries including the UK and Saudi Arabia, according to the internet firm, iSight Partners.

ISight declined to identify the victims and said it could not say what data had been stolen. "If it's been going on for so long, clearly they have had success," said Tiffany Jones, a company executive. 

The firm said Iranian hackers created six online personas, who appeared to work for a website, newsonair.org, and another eight who purported to work for defence contractors and other organisations.

The operation has been active since at least 2011 and is thought to be the most elaborate cyber espionage campaign using "social engineering" uncovered to date, iSight said.

To build credibility, the hackers would approach high-value targets by first establishing ties with friends of the target, classmates, colleagues, relatives and other connections over social networks run by Facebook, Google, LinkedIn and Twitter.

Then they would send links that infected PCs with malicious software, or direct targets to web portals that ask for network log-in credentials. 

The firm said hackers made connections with more than 2,000 people, adding that it believed the group ultimately targeted several hundred individuals in a "low and slow" campaign.

A spokesman for Facebook said it had discovered the hacking group and had removed the accounts.

LinkedIn said the site was investigating the report, though none of the 14 fake profiles uncovered by iSight were currently active. 

ISight said it did not know if the hackers were tied to the government in Tehran, though it believed they were supported by a nation state because of the complexity of the operation.

The firm said newsonair.org was registered in Tehran and probably hosted by an Iranian provider.

Among the 14 false personas were reporters for newsonair, including one with the same name as a Reuters journalist in Washington; six employees who purportedly worked for defence contractors; a systems administrator with the US navy, and an accountant working for a payment processor. 


Email Article
Print Article
Share article
Send Feedback
Topics in this article
Featured on Al Jazeera
UNHCR says hundreds of people trapped in Yaloke town risk death if they are not evacuated to safety urgently.
'Justice for All' demonstrations swell across the US over the deaths of African Americans in police encounters.
Six former Guantanamo detainees are now free in Uruguay with some hailing the decision to grant them asylum.
Disproportionately high number of Aboriginal people in prison highlights inequality and marginalisation, critics say.
Long-standing dispute over Christian use of the word 'Allah' raises concerns about a very un-Merry Christmas.
The threat posed by ISIL has prompted thousands of young Kurds to join the PKK.
Baja California - with its own grim history of disappeared people - finds a voice in the fight against violence.
Russian feminist rockers fight system holding 700,000 - the world's largest per capita prison population after the US.
Weeks of growing protests against Muslims continue in Dresden with 15,000 hitting the streets last Monday.