Phishing campaign targeting universities globally takes on massive attack scale

Threat actor Cobalt Dickens having ties with Iran government carried out one phishing operation during the months of July-August with the aim to attack over 60 universities worldwide. As per security researchers, because of the hacking campaign a minimum of 380 universities were affected within 30+ countries, with a large number of the attacked entities getting struck multiple times.

Cyber-security firm SecureWorks under the ownership of Dell which discovered the campaign says the attack possibly wanted theft of intellectual property so it diverted victims onto imposter login web-pages wherein they were asked to enter their passwords that the hacker ultimately stole.

According to senior security investigator Allison Wikoff at SecureWorks, the campaign targets to reach academic research data which's helpful in getting benefits ranging from economic to various other fields. The attack directly responds to sanctions as also the brain drain of academicians out of Iran into nations for participation in as well as benefiting from academic research of the freely-conducted and collaborative kind, Wikoff told ZDNet. www.zdnet.com posted this, September 11, 2019.

In their blog post SecureWorks writes that the online hackers haven't altered their operations in spite of takedown activity, several public disclosures and most importantly law enforcement operations. A highly aggressive effort towards disrupting the hacking operation related to the accusations by USA's Justice Department declared during March 2018 vis-à-vis 9 citizens of Iran for hacking into PC-networks belonging to many American universities, U.S. companies and agencies of the federal government.

The attackers, for their campaign, have signed up twenty fresh domains, a number of them employing legitimate security certificates so they may appear genuine. Besides the American universities, universities inside U.K., Canada, Switzerland, Hong Kong and Australia had been targeted.

The hacking syndicate further used freely available tools as well as codes obtainable on GitHub for carrying out the assaults. The tactic lets eschewing malware that's easily detectable by security software.

For countering phishing attacks, security researchers recommend educational institutions, in particular, universities towards enforcing multi-factor authentication techniques. Universities prove to be a highly-preferred target for online criminals because of their massive volumes of advanced research and intellectual property.

» SPAMfighter News - 9/17/2019