The Shin Bet internal intelligence agency disclosed on Sunday that Iranian hackers had launched a phishing campaign targeting primarily Israeli civil servants and researchers from various research institutes in order to gather information.
More stories:
The Iranians created false profiles posing as real Israeli citizens with whom the targets may have had personal or professional interactions. They initiated conversations on LinkedIn and continued correspondence through email, according to the agency.
In the course of these interactions, the impostors would send an invitation to a conference or other digital files of interest, such as a study or article. Opening these attachments or links would then infect the recipient's computer. The malicious file would grant the Iranian entity comprehensive access to the compromised system, enabling remote takeover and complete exposure of the information contained within.
The hackers originally compiled the necessary information for the LinkedIn profiles from social media networks, allowing them to establish a connection and then engage in correspondence tailored to the target's specific interests.
Israeli citizens' awareness and vigilance, coupled with the efforts of the Shin Bet and Israel's security establishment, thwarted the Iranian plot. The Shin Bet, in collaboration with its intelligence community partners, stated that it continues to counter Iranian efforts to gather information via Israeli citizens. It also urged the public to remain vigilant about phishing attempts.