On Thursday, Facebook disclosed that a network of hackers linked to Iran tried to use its platform to target U.S. military personnel. At the center of the campaign was a group known as Tortoiseshell. Facebook says the group sought out individuals and companies in the defense and aerospace industries. The primary targets were in the United States, but the group also looked for people in the UK and parts of Europe.
“This activity had the characteristics of well-funded and persistent operations, relying on relatively strong operational security measures to hide who was behind it,” Facebook said. “Our platform has been one of the elements of a much broader multi-platform cyber espionage platform, and its activity on Facebook has manifested itself primarily in social engineering and forcing people off the platform (e.g. email services, messaging and collaboration and websites), rather than directly sharing the malware itself.”
This campaign appears to be unprecedented for Tortoiseshell. In the past, the group has primarily targeted IT companies across the Middle East. The methods it used were similar to those the Chinese group Evil Eye used to target the Uighur community at the beginning of the year.
Facebook says the group created “sophisticated internet people” to contact its targets and build trust with them before trying to convince them to click on malicious links. The personas had accounts on multiple social media platforms to make the scam look more credible. The group created fake employment websites and even went so far as to spoof the legitimate job search tool of the U.S. Department of Labor. Facebook believes that at least part of the malware used by the group was developed by Mahak Rayan Afraz, a company linked to the Islamic Revolutionary Guard Corps.
Iran has been accused of various malicious network activities over the past year. Most notably, Microsoft said last September that it was one of the countries that tried to meddle in the 2020 U.S. presidential election.