Photo: Sean Gallup / Getty Images News / Getty Images
Iranian hackers have reportedly posed as job recruiters in an elaborate espionage scheme targeting software engineers in the aviation and oil sectors. According to CNN, the hackers used fake job postings and video conferencing software infected with malicious code to gather intelligence. Researchers from Palo Alto Networks' Unit 42 revealed that the hackers impersonated a U.S. airline and created AI-generated job ads to deceive potential targets.
The hacking campaign occurred during a tense period between the United States, Israel, and Iran. While the hackers targeted aviation, oil, and gas companies, Unit 42 researchers believe they did not successfully breach these firms. However, they suspect other unidentified targets may have been compromised. The campaign highlights the growing role of cyber espionage in military conflicts and the need to bolster critical infrastructure protection.
The Aviation Information Sharing and Analysis Center expressed that such attacks were anticipated due to the ongoing conflict. Jeffrey Troy, the group's president, stated, "We have been expecting attacks as a consequence of the war."
Iranian hackers have a history of targeting airlines to track dissidents abroad. This latest operation underscores Iran's efforts to infiltrate high-tech sectors by posing as prospective employers. The campaign is linked to Iran's cyber intelligence efforts, which have continued despite the conflict.
The research from Unit 42 indicates that the Iranian group remains active and is conducting sustained global cyber campaigns. The operation's complexity and targeting suggest that Iranian threat groups are behind these activities, posing significant risks to various organizations.