Hackers use Women profiles to Cyber Attack Scientists


Hackers are using all sorts of tactics to launch cyber attacks on scientists these days and the latest on it has come to light this week. Iranian hackers are said to be using fake women photos siphoned from British Photographers to cyber attack scientists and make them work for the Middle East governments.

According to a research carried out by Dell SecureWorks, hackers are using social engineering tactics to ensnare their targets with a ‘Honey Pot’. The research firm found out that hackers are using female images to fake their persona around and create profiles in social media platforms such as LinkedIn, Facebook, and WhatsApp.

They are then contacting professionals such as scientists, admins at tech, oil and gas refineries, aerospace, engineers and staff working for politicians and are befriending them. Then for a month, they exchange pleasantries and also their intimate photos. After the victim falls into a cyber trap, they infect their machines with virus and force/blackmail them to work for the Iranian government.

The research discovered that the government of Tehran was funding the said project of hackers trapping scientists and professionals.  By doing so it is trying to set up a classic example of espionage through seduction.

The malware which is being used to infect the machines is said to PupyRAT which gives the attacker a full privilege of taking a compromised machine under control.

Dell SecureWorks says that the pictures which are being used by the Iranian hackers were siphoned from a British photographer working for a Romanian firm.

When the law enforcement reached the photographer’s door step, she was amazed on knowing the fact that the images from her Pc were stolen in February this year.

Iranian Hackers group named Cobal Gypsy is suspected to be behind these attacks and has used a female’s name called Mia Ash to trap middle aged men.

Allison Wikoff, a senior security research working for Dell SecureWorks reports that Mia Ash doesn’t exist in reality and the hackers are launching attacks on her name by impersonating a female model’s photo.

Facebook and LinkedIn acted swiftly on the tip-off given by Dell SecureWorks and immediately scrapped off the profile of Mia Ash.
But experts feel that the damage might have already done as some people holding high profile positions in companies operating in United States, India, Europe, and Canada might have already been targeted by hackers.

Note 1- Cybersecurity Insiders is displaying the image of Mia Ash in order to let the world know what is behind this pretty face.

Note 2- The face appearing in the photo might have been of an innocent woman who doesn’t even know how hackers are using her beauty as a ‘Honey Trap’ to cyber attack scientists.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display