https://www.defenseone.com/technology/2019/01/report-iran-likely-setting-stage-international-phishing-campaign/154077/
By Patrick Tucker
Technology Editor
Defense One
January 10, 2019
Hackers have been methodically gaining access to domain name services that
allow malware-laden emails to look like they come from legitimate
organizations.
Phishing attacks only work when the target takes the bait. The email containing
the link or attachment that will compromise the target's computer has to look
legitimate, from a recognizable domain. A new report says that someone --
likely Iran -- has been hijacking domains related to entities across the Middle
East and North America, which could allow Iran to launch more, and more
successful, cyber attacks.
Issued Thursday by cybersecurity company FireEye, the report says actors are
using various techniques to hijack Domain Name System, or DNS, functions,
allowing them to make phony emails appear legitimate.
"The entities targeted by this group include Middle Eastern governments whose
confidential information would be of interest to the Iranian government and
have relatively little financial value" the researchers write. "A large number
of organizations have been affected by this pattern of DNS record
manipulation... They include telecoms and [Internet service providers],
internet infrastructure providers, government and sensitive commercial
entities."
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
