A report emerged on Wednesday that an Iranian hacking group known as Threat Group-2889 is targeting LinkedIn users through a network of fake LinkedIn accounts. The report was published by the cyber security firm Dell SecureWorks, whose security team found 25 fake LinkedIn profiles. The researchers suspect that the hackers were building relationships with potential victims around the world.
The Dell SecureWorks report stated that “The level of detail in the profiles suggests that the threat actors invested substantial time and effort into creating and maintaining these personas. The photos used in the fake accounts are likely of innocent individuals who have no connection to activity.”
The profile photos used in those accounts are of people who had no connection with this hacking group. The report suggested that only two of these accounts are leader figures, with profiles that present them as recruitment consultants. The other profiles claim important positions in industries such as banking, automobile, technology and many more. These other accounts exist to support the leader profiles, lending them endorsements and credibility.
The researchers think that the main target of these hackers is the Middle East. Their topmost targets worked in the telecommunications sector. Other major targets are Middle Eastern governments and the defense sectors of the Middle East and South Asia. The hackers were planning to get into these organizations' databases and steal highly classified data.
These hackers identify their potential victims by building credible, seemingly genuine and established LinkedIn personas. The threat actors can establish a relationship with targets by contacting them directly, or by contacting one of the target’s connections. It may be easier to establish a direct relationship if one of the fake personas is already in the target’s LinkedIn network.
The social media site LinkedIn has not yet responded to these reports, but the fake accounts were taken down immediately. Iranian hackers were previously involved in hacking incidents in which they stole data of high-ranking US officials with the help of LinkedIn and Facebook. The Iranian government denied any connection with the hacking group at that time.