RFERL:

According to a cyber security research lab Certfa Iran backed hackers targeted U.S. government officials, think-tank employees and nuclear scientists around the world.

The hackers used sophisticated "Phishing attacks through email or social media and messaging accounts of public figures.” The attackers allegedly also managed to breach two-factor authentication.

According at an AP report Certfa managed to extract a partial list of 77 Yahoo and Gmail addresses accidentally left by hackers on one of their servers.

Certfa researchers allege that the hacking group Charming Kitten is behind this attack because "domain names and servers of this campaign are very similar to the methods" of Charming Kitten. Although the group used Virtual Private Networks to mask their locations Certfa says they managed to trace some of the IP address to Iran.

The list of 77 emails was discovered in November but there are no details as to when the scheme took place. It seems that the hacking goes back to the Obama years, but it is not clear when it ended or if it continued until recently.

Allison Wikoff a researcher at Atlanta-based Secureworks who previously also covered the Iran backed “Mia Ash” campaign came to the same conclusion about the origins of this campaign.

Go to link