Hackers catfish tech execs on LinkedIn

A friendly woman on the internet can fool even the most security-conscious man -- and hackers can take advantage.


Since at least April 2016, a number of social media profiles have been created for a photographer named "Mia Ash." The persona befriended male employees of oil and technology firms in Israel, Saudi Arabia, India, the U.S. and Iraq.


Now, a hacking group linked to Iran is believed to be behind the accounts, according to new research from security firm SecureWorks.

SecureWorks calls the hacking group Cobalt Gypsy, also known as OilRig by other researchers. The group has previously targeted Saudi Arabian oil, financial and tech executives, as well as Israeli corporate networks.

On LinkedIn, the hackers behind Mia connected with professional photographers to make the account seem more authentic. Meanwhile, the profile photos were stolen from a Romanian photographer, who has not responded to a request for comment.

Mia first tried to befriend these individuals on LinkedIn, sharing information about her purported photography job and the trips she took. She later invited them to chat on other platforms like Facebook.

But the phishing attempt SecureWorks studied was unsuccessful. Although the victim clicked on an infected link, the company's anti-virus precautions caught the malware.

As of now, the firm doesn't know if other attempts made by Mia were successfully executed. But it identified as many as 40 people who interacted with the persona on LinkedIn and Facebook. Mia also had a personal photography website and fake accounts on Instagram, WhatsApp and Blogger. Most of those profiles are now offline.

According to Allison Wikoff, the lead researcher on the investigation into Cobalt Gypsy, LinkedIn can be a successful way for hackers to target people because users are inclined to trust others on the site. The hackers who posed as Mia used LinkedIn before switching to more personal communications channels like WhatsApp and Facebook.

"It's a professional network, so there's a little bit of trust people assume when they join it, versus social networks which are more designed for socialization," she said. "[Someone's] guard is a little more down on professional networks."

It's not the first time this group has used fake LinkedIn profiles to snare victims. In 2015, Cobalt Gypsy hackers posed as recruiters on the professional network. But using a single female persona was a first for this group.

In January, SecureWorks found that Cobalt Gypsy targeted a Middle Eastern company with phishing attacks that appeared to come from legitimate email addresses at a variety of information technology firms. Those phishing emails contained the same malware, called PupyRAT, that Mia sent to her victim.

"Companies spend a lot of time educating their staff on those kinds of phishing campaigns," Wikoff said. "So if that's not successful, establishing a personal relationship with your intended target is the best way to potentially make the connection."


Shared from: CNN
