Fake Facebook Accounts USed by Iran Hackers to Attack High Value Targets
Iranian hackers have carried out a sophisticated three-year cyber-espionage campaign using fake Facebook accounts to target high-profile victims in US, UK, Israel and Syria.Reuters

A US security company has uncovered a sophisticated three-year cyber espionage campaign carried out by Iranian hackers using social engineering techniques to monitor military and political leaders in the US, UK, Israel, Syria, Iraq and Afghanistan.

The cyber-espionage campaign saw a group of cyber-spies based in Iran create 14 fake Facebook accounts and use those to infiltrate high-profile targets around the world.

The security company, iSight Partners, said the hackers' targets include a four-star US Navy admiral, US lawmakers and ambassadors, members of the US-Israeli lobby, and personnel from Britain, Saudi Arabia, Syria, Iraq and Afghanistan.

The campaign is being called the most sophisticated cyber-espionage campaign ever mounted and while no concrete link to the Tehran government has been established, the complexity and length of the campaign would suggest it was carried out with the support of a nation state.

NewsOnAir.org Website Used by Fake Facebook Accounts in Iran

Six of the fake Facebook profiles claimed to work for a news organisation called NewsOnAir.org, which itself was a fake website using content from Associated Press, BBC, Reuters and other media outlet.

At the time of publication, the website is still online.

The other 8 fake profiles claimed to work for defence contractors and other organisations, iSight said.

As well as creating fake Facebook profiles, the hackers created similar profiles on LinkedIn, Twitter and Google+. While Twitter and LinkedIn have not commented, LinkedIn said none of the 14 accounts associated with the iSight investigation were currently active.

Making friends

Using the fake profiles the hacker first befriended acquaintances of their targets, such as college friends and co-workers, in a bid to establish trust.

Once they felt they had built up enough of a profile, the hackers would then befriend their target and send links to the NewsOnAir.org website in order to build up a sense of trust.

Finally the hackers would send links which would infect PC with malware if clicked on, or direct their targets to websites which required them to enter network credentials, which the hackers could capture.

In total the hackers' fake profiles befriended over 2,000 people on Facebook with iSight estimating that the campaign targeted several hundred high-profile people.

Facebook said it had not removed the fake profiles after it discovered the hacking group while investigating suspicious friend requests and other activity on its website.

The details of the campaign ahve been published just 24 hours after Facebook's CEO was ordered to appear before a court in southern Iran to answer complaints over users privacy.

It was also reported this week that eight Facebook users have been sentenced to a total of 123 years in jail for various charges including insulting the country's supreme leader on the social network.