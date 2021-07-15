Facebook claims that spies stationed in Iran targeted defense workers.

Facebook announced on Thursday that it has thwarted an espionage operation based in Iran that was targeting defense and aerospace personnel in Europe and the United States.

According to Mike Dvilyanski, the head of cyber espionage investigations, fake identities acting as firm employment recruiters or workers were utilized to fool targets.

In a telephone conference, Dvilyanski stated, “This endeavor was highly targeted.”

“It’s difficult for us to say how successful this campaign was, but it had all the hallmarks of a well-funded operation,” says the author.

According to Dvilyanski, some of the malicious malware used in the cyber surveillance campaign was written by Mahak Rayan Afraz, a Tehran-based computer firm with ties to the Islamic Revolutionary Guard Corps.

Facebook has taken down 200 accounts that it claims were used to trick personnel in the defense and aerospace industries into connecting outside of the social network, such as via email or phony employment websites.

According to Dvilyanski, the group known as “Tortoiseshell” had centered its actions in the Middle East until last year, when it turned its attention to the United States.

Facebook director of threat disruption David Agranovich said, “This gang employed numerous harmful approaches to identify its targets and infect their devices with malware to enable espionage.”

“Our platform was part of a much larger cross-platform cyber espionage operation, and its Facebook activity was primarily focused on social engineering and moving users off-platform.”

According to Dvilyanski, malware placed onto victims’ devices was aimed to extract information such as log-in credentials to email or social media.

Fewer than 200 users may have fallen for the ploy, according to Facebook, and those people have been warned of the deceit.

According to Facebook executives, some of the booby-trapped website connections were also prevented from being posted on the social network.

The US IT giant went on to say that it shared its results with colleagues in the internet business as well as law enforcement.

Dvilyanski stated, “We were merely a part of this campaign, and we are taking action on our platform.”