Hacking group based in Iran continues to target US citizens, Google reports

A hacking group named APT35 has been targeting important US citizens and institutions since 2017. The group was involved in targeting former US President Donald Trump's election campaign staff during the 2020 elections. Google's Threat Analysis Group continues to monitor APT35 and 270 other independent and government-backed hacking groups.

Fawad Murtaza, Published 10/16/2021 🇮🇹 🇪🇸 ...

Security

A recent blog post from Google’s Threat Analysis Group has detailed the methods an Iranian hacking group known as APT35 uses to target high-value individuals. APT35, which also operates as Ajax Security team, Charming Kitten, and Phosphorus, has been targeting politicians, NGOs, government institutions, journalists, and academia since 2017. The group has also tried to target former US President Donald Trump’s election campaign staff during the 2020 elections.

Among the many methods that APT35 uses, phishing attacks using malicious links are the most common. For instance, in early 2021, APT35 infiltrated a website associated with a UK university. The group then placed a phishing kit on the website to gather user credentials and started emailing users a link to the website. The users were asked to log in using the link for attending a fake webinar.

APT35 also tried to upload spyware masked as a VPN client to the Google Play Store. If installed on the phone, the app could collect SMS and call records, location information, and contacts. Google foiled the attempt by removing the app from the Play Store.

Aside from APT35, Google’s Threat Analysis Group has been tracking 270 independent and government-backed hacking groups from 50 countries around the world. This has allowed Google to warn possible targets before attacks happen. In 2021 alone, the Threat Analysis Group sent 50,000 warning messages to users who were at risk of phishing attacks.

Buy Seagate portable 2TB external hard drive

Source(s)

Google, Bloomberg

Los estafadores aprovechan el pánico a la variante Omicron de COVID-19 para difundir correos electrónicos de phishing. (Imagen: Lifewire)

Los estafadores envían correos electrónicos de phishing basados en la variante Omicron de COVID-19 12/07/2021

Scammers use the panic about the Omicron variant of COVID-19 to spread phishing emails. (Image: Lifewire)

Scammers send phishing emails based on the Omicron variant of COVID-19 12/06/2021

An FBI email system has been compromised by a hack, sending thousands of fake messages to random addresses. (Image source: Markus Spiske on Unsplash).

The FBI's email system has been hacked, with thousands of fake messages sent 11/15/2021

Robinhood suffers security breach exposing details of millions of customers.

Robinhood, the popular no-fee trading app, suffers a security breach exposing details of millions of customers 11/09/2021

Microsoft alerted 140 tech companies to attacks by Russian hacking group, NOBELIUM. (Image: Nahel Abdul Hadi)

Microsoft alerts 140 tech retailers and service providers to targeted attacks by Russian hackers 10/29/2021

Hackers attempt to exploit popular YouTube creators by utilising phishing emails. (Image: NordWood Themes)

Hackers attempt to hijack the accounts of YouTube creators via phishing attacks 10/25/2021

Over 200 cybersecurity specialists tackled the many attempted attacks during the Tokyo 2020 Olympics. (Image Source: Brian Turner via Unsplash)

450 million cyberattacks were attempted on the Tokyo 2020 Olympic Games infrastructure 10/25/2021

Thingiverse hack affects 228,000 users. (Image: Nahel Abdul Hadi)

Major hack at Thingiverse results in data leak of 228,000 users 10/22/2021

The U.S. will soon ban the export of cybersecurity tools to specific countries and entities. (Image via U.S. Department of Commerce)

United States to ban export of cybersecurity tools and software to countries with "authoritarian practices" 10/21/2021

Acer India has been hit by a major security breach. (Image Source: Unsplash)

Major security breach hits Acer affecting millions of Indian users, hacking group claims responsibility 10/18/2021

Steam is the most important digital distribution platform for PC games (Image: Valve)

Hacker receives US$7,500 bounty for reporting exploit that allowed him to add unlimited funds to his Steam wallet 08/16/2021

The balance between security, performance and battery life has driven Windows 11 CPU support choices. (Image: Microsoft)

Windows 11: Microsoft's Director of OS Security explains the tough CPU requirements for Win 11 07/03/2021

The iPhone X can be cracked by Cellebrite's tool. (Source: Business Insider)

Cybersecurity experts: Android phones may now be more secure than iPhones 01/31/2020

Lenovo busted for secretly paying cybersecurity "influencers" to promote ThinkShield 11/21/2019

PC-Doctor Tool For Windows is also believed to be vulnerable to cyber attacks. (Image source: Lifewire)

Cybersecurity company finds worrying vulnerability affecting millions of Dell laptops and desktops 06/22/2019

Read all 1 comments / answer

Loading Comments

Comment on this article

Intel declares that the upcoming Ar...

Customers are left in the dark: Onl...

Fawad Murtaza - Senior Tech Writer - 754 articles published on Notebookcheck since 2021

I am Fawad, a fellow tech nerd. As a tech junkie, my relationship with technology goes back to my childhood years. Getting my first Intel Pentium 4 PC was the start of journey that would eventually bring me to Notebookcheck. Finally, I have been writing for tech media since 2018. From small no-name projects to industry leaders, I have worked with a number of tech publications.

contact me via: LinkedIn

Please share our article, every link counts!

> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2021 10 > Hacking group based in Iran continues to target US citizens, Google reports

Fawad Murtaza, 2021-10-16 (Update: 2021-10-16)

Hacking group based in Iran continues to target US citizens, Google reports

Source(s)

Related Articles