Facebook: Iran-based Hackers Used Site to Target US Military Personnel

A man types on a computer keyboard in front of the displayed cyber code in this illustration picture taken on March 1, 2017. REUTERS/Kacper Pempel/Illustration
A man types on a computer keyboard in front of the displayed cyber code in this illustration picture taken on March 1, 2017. REUTERS/Kacper Pempel/Illustration
TT

Facebook: Iran-based Hackers Used Site to Target US Military Personnel

A man types on a computer keyboard in front of the displayed cyber code in this illustration picture taken on March 1, 2017. REUTERS/Kacper Pempel/Illustration
A man types on a computer keyboard in front of the displayed cyber code in this illustration picture taken on March 1, 2017. REUTERS/Kacper Pempel/Illustration

Facebook said on Thursday it had taken down about 200 accounts run by a group of hackers in Iran as part of a cyber-spying operation that targeted mostly US military personnel and people working at defense and aerospace companies.

The social media giant said the group, dubbed 'Tortoiseshell' by security experts, used fake online personas to connect with targets, build trust sometimes over the course of several months and drive them onto other sites where they were tricked into clicking malicious links that would infect their devices with spying malware.

"This activity had the hallmarks of a well-resourced and persistent operation, while relying on relatively strong operational security measures to hide who's behind it," Facebook's investigations team said in a blog post, according to Reuters.

The group, Facebook said, made fictitious profiles across multiple social media platforms to appear more credible, often posing as recruiters or employees of aerospace and defense companies.

Microsoft-owned LinkedIn said it had removed a number of accounts and Twitter said it was "actively investigating" the information in Facebook's report.

Facebook said the group used email, messaging and collaboration services to distribute the malware, including through malicious Microsoft Excel spreadsheets.

A Microsoft spokesperson said in a statement it was aware of and tracking this actor and that it takes action when it detects malicious activity.

Alphabet Inc said it had detected and blocked phishing on Gmail and issued warnings to its users. Workplace messaging app Slack Technologies Inc said it had acted to take down the hackers who used the site for social engineering and shut down all Workspaces that violated its rules.

The hackers also used tailored domains to attract its targets, Facebook said, including fake recruiting websites for defense companies, and it set up online infrastructure that spoofed a legitimate job search website for the US Department of Labor.

Facebook said the hackers mostly targeted people in the United States, as well as some in the United Kingdom and Europe.

Facebook declined to name the companies whose employees were targeted but said it was notifying the individuals targeted.

The campaign appeared to show an expansion of the group's activity, which had previously been reported to concentrate mostly on the I.T. and other industries in the Middle East, Facebook said.

The investigation found that a portion of the malware used by the group was developed by Mahak Rayan Afraz (MRA), an I.T. company based in Tehran with ties to the Revolutionary Guard Corps.



Biden after Trump’s Election Win: Setbacks Are Unavoidable

US President Joe Biden addresses the nation from the Rose Garden of the White House in Washington, DC, November 7, 2024, after Donald Trump won the presidential election. (Photo by SAUL LOEB / AFP)
US President Joe Biden addresses the nation from the Rose Garden of the White House in Washington, DC, November 7, 2024, after Donald Trump won the presidential election. (Photo by SAUL LOEB / AFP)
TT

Biden after Trump’s Election Win: Setbacks Are Unavoidable

US President Joe Biden addresses the nation from the Rose Garden of the White House in Washington, DC, November 7, 2024, after Donald Trump won the presidential election. (Photo by SAUL LOEB / AFP)
US President Joe Biden addresses the nation from the Rose Garden of the White House in Washington, DC, November 7, 2024, after Donald Trump won the presidential election. (Photo by SAUL LOEB / AFP)

Seeking to console fellow Democrats, US President Joe Biden delivered remarks to the nation Thursday in what was his first appearance on camera following Republican Donald Trump’s decisive victory.

"Setbacks are unavoidable. Giving up is unforgiveable," Biden said at the White House Rose Garden as he addressed staff who were disappointed in Vice President Kamala Harris' defeat. "A defeat does not mean we are defeated."

Biden said Tuesday's election had proven the integrity of the US electoral system and said he would preside over an orderly transfer of power.

"We lost this battle. The America of your dreams is calling for you to get back up," he said.

The president reiterated that the US election system “is honest, it is fair, and it is transparent. And it can be trusted, win or lose.”

“America endures,” he said. “We’re going to be ok, but we need to stay engaged.”

Some Democrats have blamed Biden, 81, for Harris' defeat, saying he should not have sought reelection. Biden only dropped his reelection bid in July after a disastrous TV debate with Trump raised alarm bells about his mental fitness.
Trump's campaign said Biden had invited him to meet at the White House at an unspecified time. In the weeks ahead, Trump will select personnel to serve under his leadership.