Jesus' Coming Back

US cyber firm blocks Iran reconnaissance efforts to reveal collaborators of adversaries

US global security firm Mandiant has worked to prevent the operations of a network of Iran operatives collecting intelligence on those believed to be collaborating with intelligence and security agencies abroad, especially in Israel, the firm announced Wednesday. 

Mandiant has worked to ensure that this operation by Iran was blocked and disrupted, the accounts of the individuals operating for Iran were deleted, and that Google Chrome users and the users of other browsers are safe. 

The Iranian reconnaissance efforts could help Iran uncover those collaborating with the country’s adversaries, according to the security firm. 

This operation was found to be similar to another earlier Iranian operation, APT42, which is suspected of operating on behalf of Iran’s IRGC Intelligence Organization. 

Iranian intelligence use several social media accounts to disseminate a network of tens of fake recruiting websites containing decoy content in the Farsi language.

 Post by @A_Soleimani_Far, a Virasty (Iranian social network) profile promoting the fake recruitment website joinoptimahr[.]com in an effort to discover collaborators of Iran's adversaries, August 28, 2024. (credit: Screenshot via Mandiant)
Post by @A_Soleimani_Far, a Virasty (Iranian social network) profile promoting the fake recruitment website joinoptimahr[.]com in an effort to discover collaborators of Iran’s adversaries, August 28, 2024. (credit: Screenshot via Mandiant)

These websites include job offers and Israel-related lures, including images of Israeli national symbols, hi-tech offices, and major city landmarks to lure those who may be collaborating with Israel and other adversaries. 

While entering the sites, the Iranian users must disclose their personal details and professional and academic experience, which is then sent to the Iranian operatives.

Iran’s reconnaissance efforts 

Iran’s reconnaissance efforts began in 2017 and has continued until at least March 2024. 

Similar operations were used in Arabic to target those affiliated with Syria and Hezbollah intelligence and security agencies. 

JPost

Comments are closed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More