An Iranian group which pretended to be a British-based academic in order to target individuals in a cyber-espionage campaign has been discovered.
The group also compromised a real website belonging to the School of Oriental and African Studies (SOAS), University of London, to try to steal information.
The operation was uncovered by cyber-security company Proofpoint.
They call it "SpoofedScholars" and say it shows an increase in sophistication.
The attackers, sometimes called "Charming Kitten" and believed to be linked to the Iranian state, were also willing to engage in real-time conversations with their targets, who were mainly in the US and UK.
In early 2021, emails claiming to come from a "senior teaching and research fellow" at SOAS university in London invited people to an online conference called The US Security Challenges in the Middle East.
The emails, sent from a Gmail address, had not been sent by the real academic but by a cyber-espionage group believed to be linked to the Iranian Revolutionary Guards.
Once a conversation was established, the target was sent a "registration link" hosted by a real website which had already been compromised by the attackers.
The article is from:(the full version is here) https://www.bbc.com/news/technology-57817463