August 12, 2020

Volume X, Number 225


Privacy Tip #200 – Iranian-Backed Hacking Group Using LinkedIn To Deliver Malicious Documents

FireEye published research last week identifying a phishing campaign by APT34, a hacking group known to operate out of Iran, that all LinkedIn users should be aware of when considering adding a LinkedIn contact. In particular, if you receive a LinkedIn request from someone named Rebecca Watts from Cambridge University, decline the invitation.

According to FireEye, with the recent tensions between the U.S. and Iran, Iran-based cyber espionage campaigns are in full swing. According to FireEye’s threat research, “we believe APT34’s strongest interest is gaining access to financial, energy and government entities.” One of the identified ways that APT34 is trying to gain access to businesses in these sectors is through a LinkedIn request from a Rebecca Watts, who is “research staff” from Cambridge University.

APT34 sends a LinkedIn request from “Rebecca Watts” to an individual who works in one of these sectors. Once a user adds “Rebecca Watts” as a LinkedIn contact, a conversation ensues with a request for resumes for potential employment opportunities. The message includes a link that, if opened, delivers malware, including keylogger, credential-theft and password-dumping tools, to the user’s system.

The obvious tip is to delete Rebecca Watts from Cambridge University from your LinkedIn account, and deny this fake individual’s request on LinkedIn. The second obvious tip is that nation-state actors and cybercriminals are using social media every day to deliver malicious tools in order to perpetrate cyber espionage and fraud. When using any social media platform, be aware that these platforms are being used by threat actors and that you are being targeted and could be a pawn in the cyber war between the U.S. and other countries like Iran. Use basic cyber hygiene when determining whether to include people in your social media network and be as cautious about clicking on any links provided through social media platforms as you are when using email.

Copyright © 2020 Robinson & Cole LLP. All rights reserved. National Law Review, Volume IX, Number 206


About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...