Iran TerrorismUS Treasury Officials Targeted by Iranian Hackers

US Treasury Officials Targeted by Iranian Hackers

-

Iranian Hackers

Iran Focus

London, 17 Dec – The personal emails of American officials tasked with enforcing the recently reimposed sanctions were targeted by Iranian hackers last month, according to The Associated Press.

London-based cybersecurity group Certfa tracked a hacking group nicknamed Charming Kitten. The AP believes that the group spent the past month trying to break into the private emails of more than a dozen U.S. Treasury high-profile individuals involved in the nuclear deal between Washington and Tehran. Atomic scientists, Iranian civil society figures, and D.C. think tank employees were also allegedly targeted.

Among those targeted was Frederick Kagan, a scholar at the American Enterprise Institute. He has previously written about Iranian cyber-espionage. He explained, “Presumably, some of this is about figuring out what is going on with sanctions,” and added that he was alarmed by the targeting of foreign nuclear experts. “This is a little more worrisome than I would have expected,” he said.

Charming Kitten mistakenly left one of its servers open to the internet last month, allowing researchers at Certfa to discover the list. They extracted a list of 77 Gmail and Yahoo addresses targeted by the hackers, and gave it to the AP for further analysis. The addresses provide considerable insight into Tehran’s espionage priorities, but it’s not unclear how many of the accounts were successfully compromised. However, Certfa researcher Nariman Gharib said, “The targets are very specific.”

In a report published Thursday, Cerfta tied the hackers to the Iranian government. The hackers seem to have accidentally revealed that they were operating from computers inside Iran. Allison Wikoff, a researcher with Atlanta-based Secureworks, who has tracked Charming Kitten, recognized some of the digital infrastructure in Certfa’s report and said the hackers’ past operations left little doubt they were government-backed.

Iran has denied hacking operations, but the AP analysis of the targets suggests that Charming Kitten is working in close alignment with the Islamic Republic’s interests.

Certfa said that the Charming Kitten campaign relies on a technique is commonly used by hackers — the password-stealing “phishing” that mimics the look and feel of Gmail security alerts. Certfa’s data shows that at least 13 U.S. Treasury employees’ personal emails were targeted. One email account belongs to a director at the Financial Crimes Enforcement Network that fights money laundering and terror financing, and another is used by the Iran licensing chief at the Office of Foreign Asset Control who is in charge of enforcing U.S. sanctions. The signs seem to point to a state-backed operation.

“It doesn’t look like freelancers,” Kagan said.

Latest news

Iran’s Negative Economic Growth: From Statistical Manipulation to the Collapse of Investment

When the gap between official figures and reality becomes too wide, the economic crisis is no longer confined to...

Iraq Sets September 30 as Deadline for Disarmament of Iranian Regime-Backed Militia Groups

Iraqi government spokesperson Haider al-Aboudi announced on Monday, June 29, that the government has given Shiite armed groups backed...

Escalating Iran-US Conflict Cuts Strait of Hormuz Traffic, Lifts Oil Prices

Oil Prices Rise and Ship Traffic Through the Strait of Hormuz Declines Following Tensions Between Iran and the United...

The ‘No To Executions Tuesdays’ campaign has entered its 127th week

The campaign “No to Executions Tuesdays,” a prisoner-led protest against executions held across multiple prisons in Iran, entered its...

Sixty-two Members of the Iranian Regime’s Assembly of Experts Call for Keeping the Strait of Hormuz Closed

As signs of divisions and rivalry at the highest levels of the Iranian regime have become increasingly apparent, 62...

Workers and Retirees in Iran Once Again Protest Over Living Conditions

Retirees and workers held protest gatherings and marches in several cities across Iran on Sunday, June 28, once again...

Must read

London’s terror bank

Wall Street Journal - REVIEW & OUTLOOK: In the...

The axis of weakness

Wall Street Journal (Europe): In a Middle East full...

You might also likeRELATED
Recommended to you