Iranian Hackers Target U.S. Military, Defense Companies

July 15, 2021


Jeff Seldin


Voice of America

Related Country: 

  • European Union
  • United Kindom

Facebook announced in a July 15 blog post that an Iranian hacker group had created fake profiles on the social media service to contact military personnel and defense contractors in the United States, the United Kingdom, and other European countries in a months-long bid to infect their computers with viruses and steal data. The hackers disguised themselves as journalists, corporate recruiters, employees of defense firms and nongovernmental organizations, and workers employed in the aviation, healthcare, and hospitality industries. According to Facebook, the hackers would try "to move conversations off-platform" through the use of other "collaboration and messaging platforms," then send malware to their targets. Facebook, which removed the fake profiles and blocked related domains, described the effort as part of a "much broader cross-platform cyber espionage operation" and linked the malware to Mahak Rayan Afraz, a Tehran-based firm tied to the Islamic Revolutionary Guard Corps (IRGC). It remains unclear what information, if any, the hacker group—known as "Tortoiseshell"—succeeded in obtaining from its targets.