Search form

You are here

  • Home
  • Iran-backed hackers stage phishing campaign against activists, journalists: HRW


Iran-backed hackers stage phishing campaign against activists, journalists: HRW

Iran has long engaged in phishing attempts as part of its cyberwarfare strategy. (File/AFP)
Short Url

https://arab.news/8pg7r

Updated 05 December 2022
Arab News
Follow

Iran-backed hackers stage phishing campaign against activists, journalists: HRW

  • Espionage group linked to IRGC gains access to emails of 3 victims
Updated 05 December 2022
Arab News

LONDON: Iran-backed hackers have staged a targeted campaign against more than a dozen high-profile human rights activists, journalists, academics and government officials, Human Rights Watch said.

The organization found that a coordinated phishing attack had been launched by an Iran-linked hacking entity known as APT42, believed to be a cyberespionage group.

The HRW report said that two of its employees were targeted, alongside 18 other people, resulting in the hacking of emails belonging to three individuals.

APT42 gained access to the emails, cloud storage, calendars and contacts of a US newspaper correspondent based in the Middle East, a Gulf-based women’s rights activist as well as a refugee advocate in Lebanon.

HRW said that the phishing attack was launched via WhatsApp, with 15 of the targets receiving suspicious messages between September and November this year.

The message, disguised as a conference invitation, allowed APT42 to gain access to the Google accounts of the three victims after they were invited to enter their two-factor authentication details on false pretenses.

Iran has long engaged in phishing attempts as part of its cyberwarfare strategy.

Since 2010, hackers and espionage groups linked to the regime in Tehran have successfully hacked and leaked the data of government, military and business targets around the world.

In September, APT42 members were sanctioned by the US Office of Foreign Assets Control at the Treasury Department.

Google as well as cybersecurity businesses Recorded Future and Proofpoint have said that APT42 operates on behalf of Iranian authorities.

Earlier this year, cybersecurity company Mandiant said that the group’s activities were directed by Iran’s Islamic Revolutionary Guard Corps.

APT42 uses sophisticated social engineering strategies in disguising phishing attempts, HRW said.

In gaining the trust of victims, APT42 members use the real information of conference organizers to create fake accounts and contact high-profile activists and officials.

Previous attacks have seen the group impersonate members of the Munich Security Conference and the G20 Think 20 Summit in Saudi Arabia to contact targets and launch phishing attacks.

Abir Ghattas, information security director at HRW, said: “Iran’s state-backed hackers are aggressively using sophisticated social engineering and credential harvesting tactics to access sensitive information and contacts held by Middle East-focused researchers and civil society groups.

“This significantly increases the risks that journalists and human rights defenders face in Iran and elsewhere in the region.”

She added: “In a Middle East region rife with surveillance threats for activists, it’s essential for digital security researchers to not only publish and promote findings, but also prioritize the protection of the region’s embattled activists, journalists and civil society leaders.”

Topics: Iran Protests 2022

Related

Middle-East
Iran morality police status unclear after ‘closure’ comment
Middle-East
Iranian city shops shut after strike call, judiciary blames ‘rioters’

Lebanon PM to visit new Damascus ruler on Saturday

Updated 52 min 56 sec ago
AFP
Follow

Lebanon PM to visit new Damascus ruler on Saturday

  • Lebanon’s Prime Minister Najib Mikati will on Saturday make his first official trip to neighboring Syria since the fall of president Bashar Assad, his office told AFP
Updated 52 min 56 sec ago
AFP

BERUIT: Lebanon’s Prime Minister Najib Mikati will on Saturday make his first official trip to neighboring Syria since the fall of president Bashar Assad, his office told AFP.
Mikati’s office said Friday the trip came at the invitation of the country’s new de facto leader Ahmed Al-Sharaa during a phone call last week.
Syria imposed new restrictions on the entry of Lebanese citizens last week, two security sources have told AFP, following what the Lebanese army said was a border skirmish with unnamed armed Syrians.
Lebanese nationals had previously been allowed into Syria without a visa, using just their passport or ID card.
Lebanon’s eastern border is porous and known for smuggling.
Lebanese Shiite group Hezbollah supported Assad with fighters during Syria’s civil war.
But the Iran-backed movement has been weakened after a war with Israel killed its long-time leader and Islamist-led rebels seized Damascus last month.
Lebanese lawmakers elected the country’s army chief Joseph Aoun as president on Thursday, ending a vacancy of more than two years that critics blamed on Hezbollah.
For three decades under the Assad clan, Syria was the dominant power in Lebanon after intervening in its 1975-1990 civil war.
Syria eventually withdrew its troops in 2005 under international pressure after the assassination of Lebanese ex-prime minister Rafic Hariri.

Topics: Lebanon Syria

Related

Middle-East
Turkiye says France must take back its militants from Syria
Middle-East
EU medical aid crosses into Syria from Turkiye

UN says 3 million Sudan children facing acute malnutrition

Updated 10 January 2025
AFP
Follow

UN says 3 million Sudan children facing acute malnutrition

  • Famine has already gripped five areas across Sudan, according to a report last month
  • Sudan has endured 20 months of war between the army and the paramilitary forces
Updated 10 January 2025
AFP

PORT SUDAN, Sudan: An estimated 3.2 million children under the age of five are expected to face acute malnutrition this year in war-torn Sudan, according to the United Nations Children’s Fund (UNICEF).
“Of this number, around 772,000 children are expected to suffer from severe acute malnutrition,” Eva Hinds, UNICEF Sudan’s Head of Advocacy and Communication, told AFP late on Thursday.
Famine has already gripped five areas across Sudan, according to a report last month by the Integrated Food Security Phase Classification (IPC), a UN-backed assessment.
Sudan has endured 20 months of war between the army and the paramilitary Rapid Support Forces (RSF), killing tens of thousands and, according to the United Nations, uprooting 12 million in the world’s largest displacement crisis.
Confirming to AFP that 3.2 million children are currently expected to face acute malnutrition, Hinds said “the number of severely malnourished children increased from an estimated 730,000 in 2024 to over 770,000 in 2025.”
The IPC expects famine to expand to five more parts of Sudan’s western Darfur region by May — a vast area that has seen some of the conflict’s worst violence. A further 17 areas in western and central Sudan are also at risk of famine, it said.
“Without immediate, unhindered humanitarian access facilitating a significant scale-up of a multisectoral response, malnutrition is likely to increase in these areas,” Hinds warned.
Sudan’s army-aligned government strongly rejected the IPC findings, while aid agencies complain that access is blocked by bureaucratic hurdles and ongoing violence.
In October, experts appointed by the United Nations Human Rights Council accused both sides of using “starvation tactics.”
On Tuesday the United States determined that the RSF had “committed genocide” and imposed sanctions on the paramilitary group’s leader.
Across the country, more than 24.6 million people — around half the population — face “high levels of acute food insecurity,” according to IPC, which said: “Only a ceasefire can reduce the risk of famine spreading further.”

Topics: Sudan UN

Related

Middle-East
War-torn Sudan faces ‘widening’ famine crisis: UN-backed report
Middle-East
Sudan government rejects UN-backed famine declaration

Turkiye says France must take back its militants from Syria

Updated 10 January 2025
AFP
Follow

Turkiye says France must take back its militants from Syria

  • Ankara is threatening military action against Kurdish fighters in the northeast
  • Turkiye considers the Kurdish-led Syrian Democratic Forces as linked to its domestic nemesis
Updated 10 January 2025
AFP

ISTANBUL: France must take back its militant nationals from Syria, Turkiye’s top diplomat said Friday, insisting Washington was its only interlocutor for developments in the northeast where Ankara is threatening military action against Kurdish fighters.
Foreign Minister Hakan Fidan insisted Turkiye’s only aim was to ensure “stability” in Syria after the toppling of strongman Bashar Assad.
In its sights are the Kurdish-led Syrian Democratic Forces (SDF) which have been working with the United States for the past decade to fight Daesh group militants.
Turkiye considers the group as linked to its domestic nemesis, the Kurdistan Workers Party (PKK).
The PKK has waged a decades-long insurgency in Turkiye and is considered a terror organization by both Turkiye and the US.
The US is currently leading talks to head off a Turkish offensive in the area.
“The US is our only counterpart... Frankly we don’t take into account countries that try to advance their own interests in Syria by hiding behind US power,” he said.
His remarks were widely understood to be a reference to France, which is part of an international coalition to prevent a militant resurgence in the area.
Asked about the possibility of a French-US troop deployment in northeast Syria, he said France’s main concern should be to take back its nationals who have been jailed there in connection with militant activity.
“If France had anything to do, it should take its own citizens, bring them to its own prisons and judge them,” he said.

Topics: Turkiye Syria France Hakan Fidan

Related

Middle-East
Turkey says it has no preconditions for dialogue with Syria
Middle-East
Turkiye, Russia resume joint patrols in northeast Syria, Turkish ministry says

Lebanese caretaker PM says country to begin disarming south Litani to ensure state presence

Updated 10 January 2025
Reuters
Follow

Lebanese caretaker PM says country to begin disarming south Litani to ensure state presence

  • Najib Mikati: ‘We are in a new phase – in this new phase, we will start with south Lebanon and south Litani’
Updated 10 January 2025
Reuters

DUBAI: Lebanese caretaker Prime Minister Najib Mikati said on Friday that the state will begin disarming southern Lebanon, particularly the south Litani region, to establish its presence across the country.
“We are in a new phase – in this new phase, we will start with south Lebanon and south Litani specifically in order to pull weapons so that the state can be present across Lebanese territory,” Mikati said.

Topics: Lebanon Najib Mikati

Related

Middle-East
Lebanon’s President Joseph Aoun, respected army chief
Special video
Middle-East
Joseph Aoun elected president of Lebanon

Tanker hit by Yemen militia that threatened Red Sea spill has been salvaged

Updated 10 January 2025
AP
Follow

Tanker hit by Yemen militia that threatened Red Sea spill has been salvaged

  • The Sounion had been a disaster in waiting in the waterway, with 1 million barrels of crude oil aboard
  • The Houthis have targeted some 100 merchant vessels with missiles and drones since the war in Gaza started
Updated 10 January 2025
AP

DUBAI: An oil tanker that burned for weeks in the Red Sea and threatened a massive oil spill has been “successfully” salvaged, a security firm said Friday.
The Sounion had been a disaster in waiting in the waterway, with 1 million barrels of crude oil aboard that had been struck and later sabotaged with explosives by Yemen’s Iranian-backed Houthi militia. It took months for salvagers to tow the vessel away, extinguish the fires and offload the remaining crude oil.
The Houthis initially attacked the Greek-flagged Sounion tanker on Aug. 21 with small arms fire, projectiles and a drone boat. A French destroyer operating as part of Operation Aspides rescued its crew of 25 Filipinos and Russians, as well as four private security personnel, after they abandoned the vessel and took them to nearby Djibouti.
The Houthis later released footage showing they planted explosives on board the Sounion and ignited them in a propaganda video, something the militia have done before in their campaign.
The Houthis have targeted some 100 merchant vessels with missiles and drones since the war in Gaza started in October 2023. They seized one vessel and sank two in the campaign that has also killed four sailors. Other missiles and drones have either been intercepted by a US-led coalition in the Red Sea or failed to reach their targets, which have included Western military vessels as well.
The Houthis maintain that they target ships linked to Israel, the US or the UK to force an end to Israel’s campaign against Hamas in Gaza. However, many of the ships attacked have little or no connection to the conflict, including some bound for Iran.

Topics: Yemen Red Sea Sounion

Related

World
Greek-flagged oil tanker Sounion appears to be leaking oil, Pentagon says
Middle-East
Fires break out on abandoned Greek-flagged oil tanker Sounion that Yemen rebels attacked in Red Sea

Latest updates

’Real-world harm’ if Meta ends fact-checks, global network warns
Al-Azhar University to establish campus in Pakistan, says Egyptian grand mufti
Newcastle boss Howe eager to hang onto goalkeeper Dubravka
Lebanon PM to visit new Damascus ruler on Saturday
Kremlin says Putin ready for talks with Trump

Search form

Print Edition
Read pdf version Subscribe now
© 2025 SAUDI RESEARCH & PUBLISHING COMPANY, All Rights Reserved And subject to Terms of Use Agreement.