Iran-Linked ‘Charming Kitten’ Touts New Spearphishing Tactics
Iranian state-backed hacking group APT 25 (also known as Charming Kitten, Phosphorus, Ajax Security Team, NewsBeef and Newscaster) has updated its attack techniques to carry out a spearphishing campaign targeting US President Donald Trump’s re-election campaign, according to recent research[pdf] by ClearSky Cyber Security.
The report states that the new attack follows a 2018 campaign aimed at compromising emails accounts in order to monitor the communications of targeted individuals. The attackers employ sophisticated techniques to bypass two-factor authentication. The attack seems to overlap with a campaign analyzed by Microsoft in a recent report. The researchers “evaluate in a medium-high level of confidence, that Microsoft’s discovery and our findings in our previous and existing reports is a congruent operation.”