APT Charming Kitten Pounces on Medical Researchers
Researchers have found that the advanced persistent threat group with known links to Iran called Charming Kitten has been targeting genetic, neurology, and oncology professionals in a credential-stealing campaign. Security researchers have linked the campaign, which occurred in late 2020, to the Iranian group, stating that the APT sought to steal credentials from 25 different senior professionals. The targeted professionals worked at different research organizations across the US and Israel.
The campaign has been dubbed BadBlood by researchers at Proofpoint, who recently posted their findings. In the past, Charming Kitten has primarily targeted dissidents, academics, diplomats, and journalists. This campaign, therefore, marks a shift in Charming Kitten’s goals. BadBlood was likely motivated by intellectual property theft due to the pandemic and vaccine development.