Russian, Iranian hackers pose as journalists in e-mails, Britain says

LONDON – British cybersecurity officials are warning that hacking groups linked to Russia and Iran are duping people into clicking malicious links by impersonating journalists and experts.

The hackers, who have similar goals but are said to be working separately, have sought to steal e-mails from people working in academia, defence, the media and government, as well as from activists and non-governmental organisations, according to an advisory released on Thursday by the UK’s National Cyber Security Centre.

“These campaigns by threat actors based in Russia and Iran continue to ruthlessly pursue their targets in an attempt to steal online credentials and compromise potentially sensitive systems,” said Mr Paul Chichester, the centre’s director of operations. “We strongly encourage organisations and individuals to remain vigilant to potential approaches and follow the mitigation advice in the advisory to protect themselves online.”

The Russian hackers, known as “Seaborgium” or “Cold River”, were linked by researchers from Alphabet Inc’s Google in May to a website that had published private e-mails from the former head of the UK’s MI6 intelligence agency. The group also last year targeted scientists at three nuclear research laboratories in the US, according to Reuters.

The Iranian hackers, also sometimes called “TA453” or “Charming Kitten”, have previously been observed targeting officials at the World Health Organisation and scholars who specialize in Middle Eastern issues.

The hackers study their targets’ interests and identify their real-world social or professional contacts, according to the UK’s cyber security center. They have also created fake social media or networking profiles and tricked their victims by sending supposed conference or event invitations, according to the centre. BLOOMBERG