Iranian cyber attackers, linked to the Muddy Water group associated with the Iranian Ministry of Intelligence, have launched targeted phishing campaigns against Israeli journalists and media organizations, according to a report released by Check Point and revealed by PC.
The Muddy Water group executed two significant phishing campaigns in recent days, focusing on leading media outlets, prominent journalists, as well as tourism and health organizations in Israel. The attackers utilized hacked legitimate email addresses to send deceptive messages, posing as medical and nursing centers or fictitious government bodies like the "Golan District Council."
Method of Attack
The phishing emails contained malicious links disguised as announcements about new service plans or development initiatives. Clicking on these links led to the download of Atera software, enabling remote access to the victim's devices and files.
The phishing messages targeted both large and small communication systems in Israel, as well as specific addresses of journalists, including private emails and those publicly available on websites and social media.
Broader Context of Cyber Threats
Check Point highlights that these attacks are part of a broader trend, with a significant increase in cyber attacks on Israeli organizations during periods of heightened tension, such as the recent conflict. Iran and its affiliates are intensifying efforts to target public, governmental, and private entities in Israel through cyber means.
History of Muddy Water Group's Attacks
The Muddy Water group has a history of targeting Israeli interests, operating within Iran and other regions. Previous campaigns by the group include phishing attacks in Iraq and Saudi Arabia in 2017, and attempts to penetrate Israeli computer systems in 2020. In 2021, the group targeted telecom and IT service providers in the Middle East and Asia, including Israel, as reported by Symantec.
Government Attribution
The US Cyber Command attributed the activity of the Muddy Water group to Iran in January 2022, indicating the government's recognition of Iran's involvement in cyber attacks.
Security Measures Advised
Check Point urges vigilance and caution, advising recipients not to open suspicious emails and to take necessary precautions to protect against cyber threats.
As Iranian cyber attacks continue to target Israeli entities, cybersecurity remains a crucial concern for both public and private organizations in the region.
Articles Archive
Top Categories
ABOUT IFI TODAY
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum
Comments