Iranian Hackers TA453 Use New Phishing Techniques To Attract More Victims

TA453 now uses more sophisticated techniques for phishing attacks.

TA453 is an Iranian hacking group that is known to be operating in the wild by targeting victims through phishing emails.

The Iranian hacking group has been detected to have come up with new techniques that they deploy during their phishing attacks.

The new strategy employed by TA453 makes it necessary for them to exert a great deal more effort in order to execute their phishing attacks.

The Iranian hackers have been utilizing a variety of personalities and email accounts to give the impression that they are having a legitimate dialogue with their targets.

The possible victims are then drawn into an intricate and realistic discussion that is carried out by non-existent personas created by the hackers.

When they lure victims to their phishing trap, the email they send will also include another fake persona that can be noticed in the CC section. That fake persona is another character that the hackers created, and they have full control of that email.

TA453’s New Phishing Techniques

TA453’s new phishing techniques were first discovered by researchers at Proofpoint. According to BleepingComputer, the technique is referred to as multi-persona impersonation (MPI). It uses the psychological principle known as social proof to cloud rational reasoning and to lend trustworthiness to the group's phishing attacks.

In a typical TA453 operation, the actor pretends to be a policy maker or a journalist, asking the target to work with them in collaboration. These Iranian hackers have a reputation for targeting journalists, policymakers, academics, and diplomats.

However, Proofpoint noticed a change in strategy implemented by TA453 beginning in June 2022. Iranian hackers have a reputation for engaging in seemingly innocent chats that later lead to deploying URLs that collect credentials.

Previously, TA453 would have one-on-one interactions with their targets, but towards the middle of the year 2022, this practice was discontinued.

TA453’s Targeted Phishing

A threat actor from TA453 starts a conversation by sending an email to the target while masking their identity as someone that has the same level of significance as their target.

The hacker then asks a variety of carefully crafted questions intended to generate a dialogue about political questions. In most cases, the purpose of these questions is to establish a pretext for sending a follow-up link.

Once some familiarity has been established, the actors CC another like-minded fake persona, also created by the group, into the thread in the following email exchanges.

When trust has been built, the malicious actors proceed to send a document file or a link to the target, saying it contains more information, but hidden underneath those links are malicious payloads waiting to be deployed on the device of the target.

TA453 Can Cause These Possible Damages

The TA453 hacking group appears to be reusing the specific filecloudonline[.]com host in numerous phishing campaigns.

According to Proofpoint, “The downloaded template, dubbed Korg by Proofpoint, has three macros: Module1.bas, Module2.bas, and ThisDocument.cls.”

Proofpoint adds, “The macros collect information such as username, list of running processes along with the user’s public IP from my-ip.io and then infiltrates that information using the Telegram API.”

Furthermore, researchers find it strange that the TA453 macros do not have the capability to execute code or to perform command and control functions.

Additionally, it has also been determined that based on the software that was found on the infected computers, users are made vulnerable to more forms of exploitation.
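The macro behaviour Proofpoint describes (an Office document contacting my-ip.io and then the Telegram API) leaves a network sequence that defenders can hunt for. The following detection sketch is an added example, not code from Proofpoint or the original article; the log format, hostnames, process names and the five-minute window are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample proxy/EDR network events (not real telemetry).
# Assumed format: ISO timestamp, hostname, process image, destination host.
SAMPLE_LOG = """\
2022-09-12T09:14:02 WS-014 winword.exe filecloudonline.com
2022-09-12T09:14:09 WS-014 winword.exe my-ip.io
2022-09-12T09:14:11 WS-014 winword.exe api.telegram.org
2022-09-12T09:20:40 WS-022 telegram.exe api.telegram.org
2022-09-12T10:01:00 WS-031 winword.exe my-ip.io
2022-09-12T11:30:00 WS-031 winword.exe api.telegram.org
2022-09-12T11:45:10 WS-040 chrome.exe my-ip.io
"""

OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe"}
IP_LOOKUP = {"my-ip.io"}                   # IP lookup service named in the report
EXFIL = {"api.telegram.org"}               # Telegram API host
TEMPLATE_HOSTS = {"filecloudonline.com"}   # host named in the report (defanged there)
WINDOW = timedelta(minutes=5)              # assumed correlation window

def parse(log):
    """Yield (timestamp, host, process, destination) from well-formed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        ts, host, proc, dest = parts
        yield datetime.fromisoformat(ts), host, proc.lower(), dest.lower()

def detect(log, window=WINDOW):
    """Flag Office processes that fetch from a known template host, or that
    query an IP lookup service and then reach the Telegram API within window."""
    last_lookup = {}  # (host, process) -> time of most recent IP lookup
    alerts = []
    for ts, host, proc, dest in sorted(parse(log)):
        if proc not in OFFICE:
            continue  # a Telegram client or browser doing this is not the pattern
        key = (host, proc)
        if dest in TEMPLATE_HOSTS:
            alerts.append((host, "template-host", ts.isoformat()))
        elif dest in IP_LOOKUP:
            last_lookup[key] = ts
        elif dest in EXFIL and key in last_lookup and ts - last_lookup[key] <= window:
            alerts.append((host, "lookup-then-telegram", ts.isoformat()))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

Restricting the rule to Office process images keeps legitimate Telegram clients and browser visits to IP lookup sites from generating alerts.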
