All these days we have seen hackers targeting companies, individuals, politicians and celebrity stalwarts. But now, security research conducted by Proofpoint says that APT groups are now after journalists across the world and are interested in gaining access to classical information, n sources, manipulate their news drafts and postings and use their credentials to get into the networks of media outlets.
Proofpoint has evidence that threat actors linked to various Advanced Persistent Threat groups are behind media people and mostly those living in UK and United States and covering political news.
The good point in this whole scenario is that only 1% of journalists are falling prey to phishing attacks launched by APT groups, as others are smartly evading such attacks with advanced thinking on a proactive note.
Proofpoint identified Chinese group Zirconium targeting journos from China through email phishing and beacon tactics, while Russia’s group of threat actors is busy focusing on journalists from the United Kingdom.
The matter doesnāt end here, as a Chinese hacking group named TA456 or TortoiseShell is seen impersonating western journalists with fake social media profiles and trying to contact high profile politicians or leaders of government organizations and engaging in chats and calls to mint sensitive information.
Well, not that easy to programmatically gain info from such celebrities. But one will be surprised to know the way the modus operandi is being conducted to gain data.
In one instance, a journalist whose is almost 63-years of age and working for a New York-based media firm was impersonating on social media with a beautiful face of a London based fashion model. And through her profile, a military general from the UK was coaxed to spill the details of artillery sent to support Ukraine in its war with Russia. It is unclear whether the Chinese Intelligence was alone behind the incident or was in cognizance with Kremlin to conduct such data acquisition.