Security experts at
ClearSky researchers pointed out that these attacks represent a shift in the group tactics because this is the first time that the Charming Kitten group attempted to interfere in the elections of a foreign country.
The experts said, with medium-high confidence, that the campaign uncovered by Microsoft is the same campaign they observed over the past several months.
“We evaluate in a medium-high level of confidence, that Microsoft’s discovery and our findings in our previous and existing reports is a congruent operation” reads the report published by ClearSky, “based on the following issues:
Iran-linked Charming Kitten group, (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying campaign organized by Iranian hackers using social media.
Microsoft has been tracking the threat actors at least since 2013, but experts believe that the cyberespionage group has been active since at least 2011.
As part of the recently observed campaign, the state-sponsored hackers used three different spear-phishing methods:
Experts have identified more than eight new and unknown domains, all of which bear the ‘
Other technical information, along with indicators of compromise (IoCs) are included in the report.
(SecurityAffairs – Charming Kitten, Iran)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.