Security researchers uncovered an initiative by an Iran-based threat group dubbed as “Threat Group 2889” which created a network of fake LinkedIn profiles for “obtaining confidential information which can be used for cyber-espionage purposes. The team said the intent of the group was to use what researchers called “convincing profiles” in a self-referenced network to zero in on victims through social engineering. The “extensive” network included fake personas of “recruiters” from Northrup Grumman, Teledyne and other international companies as well as 204 legitimate LinkedIn accounts, the bulk of which belong to company employees in the U.S., Europe, the Middle East, South Asia and North Africa. As per security researchers, LinkedIn was used for this kind of activity because it facilitates professional networking and what was surprising was the reuse of established fake LinkedIn accounts, by giving them a totally new persona, whilst maintaining its connections and network.
The information provided herein is on "as is" basis, without warranty of any kind.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street