Israel Exposes Iranian Phishing Campaign Targeting Israeli Officials

Fake profiles were employed impersonating Israelis whom would-be victims had been in contact with for professional or personal reasons. The Iranians would make initial contact through a phony LinkedIn profile, then later shift the conversation to email.

Eventually, the Israeli targets would receive an attached file in the guise of an invitation to a conference or an article or study of interest. Opening the file would introduce malicious software that would give the Iranian contact access to the rest of the target’s computer.

The Iranian entity’s appeals were based on information collected about the Israeli targets from social networks and the internet, and the contents of the correspondence and the connection were appropriate to their occupation and interests.

“The awareness and vigilance of the citizens they turned to, along with additional actions by the Shin Bet and the Israeli security system, thwarted the Iranian attempts to achieve their goal,” said the Shin Bet.

The statement did not indicate how many Israelis were contacted or had downloaded the malware.

Israel and Iran have been engaged in years of clandestine cyberwarfare.

Iranian hackers are believed responsible for trying to poison Israel’s water system in 2020, encrypting data at Hillel Yaffe Medical Center in Hadera and demanding a ransom in 2021, and triggering false rocket sirns in 2022.

The major Iranian port of Bandar Abbas was paralyzed for days when computers coordinating the arrival and departure of ships, trains and trucks crashed in 2020. The attack took place shortly after the attack on Israel’s water system and has been widely attributed to Israel.

Israel’s defense establishment views the attack, which follows a recent sharp spike in cyber attacks on strategic targets in the country by foreign parties, as a significant event.

Produced in association with Jewish News Syndicate

Edited by Judy J. Rotich and Newsdesk Manager