Arab Press

بالشعب و للشعب
Friday, Aug 22, 2025

Iran-backed hackers stage phishing campaign against activists, journalists: HRW

Iran-backed hackers stage phishing campaign against activists, journalists: HRW

Iran-backed hackers have staged a targeted campaign against more than a dozen high-profile human rights activists, journalists, academics and government officials, Human Rights Watch said.
The organization found that a coordinated phishing attack had been launched by an Iran-linked hacking entity known as APT42, believed to be a cyberespionage group.

The HRW report said that two of its employees were targeted, alongside 18 other people, resulting in the hacking of emails belonging to three individuals.

APT42 gained access to the emails, cloud storage, calendars and contacts of a US newspaper correspondent based in the Middle East, a Gulf-based women’s rights activist as well as a refugee advocate in Lebanon.

HRW said that the phishing attack was launched via WhatsApp, with 15 of the targets receiving suspicious messages between September and November this year.

The message, disguised as a conference invitation, allowed APT42 to gain access to the Google accounts of the three victims after they were invited to enter their two-factor authentication details on false pretenses.

Iran has long engaged in phishing attempts as part of its cyberwarfare strategy.

Since 2010, hackers and espionage groups linked to the regime in Tehran have successfully hacked and leaked the data of government, military and business targets around the world.

In September, APT42 members were sanctioned by the US Office of Foreign Assets Control at the Treasury Department.

Google as well as cybersecurity businesses Recorded Future and Proofpoint have said that APT42 operates on behalf of Iranian authorities.

Earlier this year, cybersecurity company Mandiant said that the group’s activities were directed by Iran’s Islamic Revolutionary Guard Corps.

APT42 uses sophisticated social engineering strategies in disguising phishing attempts, HRW said.

In gaining the trust of victims, APT42 members use the real information of conference organizers to create fake accounts and contact high-profile activists and officials.

Previous attacks have seen the group impersonate members of the Munich Security Conference and the G20 Think 20 Summit in Saudi Arabia to contact targets and launch phishing attacks.

Abir Ghattas, information security director at HRW, said: “Iran’s state-backed hackers are aggressively using sophisticated social engineering and credential harvesting tactics to access sensitive information and contacts held by Middle East-focused researchers and civil society groups.

“This significantly increases the risks that journalists and human rights defenders face in Iran and elsewhere in the region.”

She added: “In a Middle East region rife with surveillance threats for activists, it’s essential for digital security researchers to not only publish and promote findings, but also prioritize the protection of the region’s embattled activists, journalists and civil society leaders.”
Newsletter

Related Articles

Arab Press
0:00
0:00
Close
Dogfights in the Skies: Airbus on Track to Overtake Boeing and Claim Aviation Supremacy
Tim Cook Promises an AI Revolution at Apple: "One of the Most Significant Technologies of Our Generation"
Are AI Data Centres the Infrastructure of the Future or the Next Crisis?
Miles Worth Billions: How Airlines Generate Huge Profits
Zelenskyy Returns to White House Flanked by European Allies as Trump Pressures Land-Swap Deal with Putin
Beijing is moving into gold and other assets, diversifying away from the dollar
Trump Backs Putin’s Land-for-Peace Proposal Amid Kyiv’s Rejection
Zelenskyy to Visit Washington after Trump–Putin Summit Yields No Agreement
Iranian Protection Offers Chinese Vehicle Shipments a Cost Advantage over Japanese and Korean Makers
United States Sells Luxury Yacht Amadea, Valued at Approximately $325 Million, in First Sale of a Seized Russian Yacht Since the Invasion of Ukraine
Saudi Arabia accelerates renewables to curb domestic oil use
Cristiano Ronaldo and Georgina Rodríguez announce engagement
Asia-Pacific dominates world’s busiest flight routes, with South Korea’s Jeju–Seoul corridor leading global rankings
Private Welsh island with 19th-century fort listed for sale at over £3 million
Sam Altman challenges Elon Musk with plans for Neuralink rival
Australia to Recognize the State of Palestine at UN Assembly
The Collapse of the Programmer Dream: AI Experts Now the Real High-Earners
Armenia and Azerbaijan to Sign US-Brokered Framework Agreement for Nakhchivan Corridor
British Labour Government Utilizes Counter-Terrorism Tools for Social Media Monitoring Against Legitimate Critics
WhatsApp Deletes 6.8 Million Scam Accounts Amid Rising Global Fraud
Texas Residents Face Water Restrictions While AI Data Centers Consume Millions of Gallons
India Rejects U.S. Tariff Threat, Defends Russian Oil Purchases
United States Establishes Strategic Bitcoin Reserve and Digital Asset Stockpile
Thousands of Private ChatGPT Conversations Accidentally Indexed by Google
China Tightens Mineral Controls, Curtailing Critical Inputs for Western Defence Contractors
JPMorgan and Coinbase Unveil Partnership to Let Chase Cardholders Buy Crypto Directly
British Tourist Dies Following Hair Transplant in Turkey, Police Investigate
WhatsApp Users Targeted in New Scam Involving Account Takeovers
Trump Deploys Nuclear Submarines After Threats from Former Russian President Medvedev
Germany’s Economic Breakdown and the Return of Militarization: From Industrial Collapse to a New Offensive Strategy
Germany Enters Fiscal Crisis as Cabinet Approves €174 Billion in New Debt
IMF Upgrades Global Growth Forecast as Weaker Dollar Supports Outlook
Politics is a good business: Barack Obama’s Reported Net Worth Growth, 1990–2025
UN's Top Court Declares Environmental Protection a Legal Obligation Under International Law
"Crazy Thing": OpenAI's Sam Altman Warns Of AI Voice Fraud Crisis In Banking
Japanese Prime Minister Vows to Stay After Coalition Loses Upper House Majority
President Trump Diagnosed with Chronic Venous Insufficiency After Leg Swelling
Man Dies After Being Pulled Into MRI Machine Due to Metal Chain in New York Clinic
FIFA Pressured to Rethink World Cup Calendar Due to Climate Change
Iranian President Reportedly Injured During Israeli Strike on Secret Facility
Kurdistan Workers Party Takes Symbolic Step Towards Peace in Northern Iraq
BRICS Expands Membership with Indonesia and Ten New Partner Countries
Elon Musk Founds a Party Following a Poll on X: "You Wanted It – You Got It!"
AI Raises Alarms Over Long-Term Job Security
Russia Formally Recognizes Taliban Government in Afghanistan
Saudi Arabia Maintains Ties with Iran Despite Israel Conflict
Mediators Edge Closer to Israel-Hamas Ceasefire Agreement
Germany Seeks Taliban Deal to Deport Afghan Migrants
Emirates Airline Expands Market Share with New $20 Million Campaign
Robots Compete in Football Tournament in China Amid Injuries
×