SAN FRANCISCO/WASHINGTON/LONDON: Hackers working in the interests of the Iranian government have attempted to break into the personal email accounts of staff at the World Health Organization during the coronavirus outbreak, four people with knowledge of the matter told Reuters.
It is not clear if any accounts were compromised, but the attacks show how the WHO and other organizations at the center of a global effort to contain the coronavirus have come under a sustained digital bombardment by hackers seeking information about the outbreak.
Reuters reported in March that hacking attempts against the United Nations health agency and its partners had more than doubled since the beginning of the coronavirus crisis, which has now killed more than 40,000 worldwide.
The latest effort has been ongoing since March 2 and attempted to steal passwords from WHO staff by sending malicious messages designed to mimic Google web services to their personal email accounts, a common hacking technique known as “phishing,” according to four people briefed on the attacks. Reuters confirmed their findings by reviewing a string of malicious websites and other forensic data.
“We’ve seen some targeting by what looks like Iranian government-backed attackers targeting international health organizations generally via phishing,” said one of the sources, who works for a large technology company that monitors Internet traffic for malicious cyber activity.
WHO spokesman Tarik Jasarevic confirmed that personal email accounts of WHO staff were being targeted by phishing attacks, but said the WHO did not know who was responsible. “To the best of our knowledge, none of these hacking attempts were successful,” he said.
Iran’s government denied any involvement. “These are all sheer lies to put more pressure on Iran,” said a spokesman at Iran’s information technology ministry. “Iran has been a victim of hacking.”
Karim Hijazi, chief executive of cyber intelligence firm Prevailion, shared his recently captured data with Reuters that shows a sophisticated hacking group was actively targeting the global health organization. Reuters couldn’t independently confirm his analysis. Hijazi said the identity of the hackers was difficult to determine, although their techniques appeared advanced.
The intrusion attempts are distinct from others reported by Reuters last week, which sources said were thought to be the work of an advanced group of hackers known as DarkHotel that has previously been active in East Asia — an area that has been particularly affected by the coronavirus.
The motives of the hackers was not clear, but targeting officials at their personal accounts is a longstanding intelligence-gathering technique.
Other details in this phishing attempt point to links with Tehran. For example, Reuters found that the same malicious websites used in the WHO break-in attempts were deployed around the same time to target American academics with ties to Iran.
The related activity — which saw the hackers impersonate a well-known researcher — parallels cases Reuters previously documented where alleged Iranian hackers masqueraded as media figures from organizations such as CNN or The New York Times to trick their targets.
Iran has suffered enormous loss of life from the coronavirus, and infections have reached the inner circle of the country’s leadership.
A person close to US intelligence said he was aware of the Iranian campaign and that such attacks are standard fare during times of international crisis.
While large prizes for intelligence agencies would include coronavirus response plans for various countries or word of effective treatments, more benign data, such as WHO estimates for infection rates, would also be valuable, the person said.
Hackers linked to Iran target WHO staff emails during coronavirus
https://arab.news/b2shx
Hackers linked to Iran target WHO staff emails during coronavirus
- Attacks show how the WHO and other organizations at the center of a global effort to contain the coronavirus have come under a sustained digital bombardment by hackers
- Large prizes for intelligence agencies would include coronavirus response plans for various countries, or word of effective treatments
Police suspect suicide bomber behind Nigeria’s deadly mosque blast
- Nigeria police said Thursday that they suspected a suicide bomber was behind the blast that killed several worshippers in a mosque on Christmas eve in the country’s northeastern Borno state
MAIDUGURI: Nigeria police said Thursday that they suspected a suicide bomber was behind the blast that killed several worshippers in a mosque on Christmas eve in the country’s northeastern Borno state.
A police spokesman put the death toll at five, with 35 wounded. A witness on Wednesday told AFP that eight people were killed.
The bomb went off inside the crowded Al-Adum Juma’at Mosque at Gamboru market in the capital city of Maiduguri, as Muslim faithful gathered for evening prayers around 6:00 p.m. (1700 GMT), according to witnesses and the police.
“An unknown individual, whom we suspect to be a member of a terrorist group, entered inside the mosque, and while prayer was ongoing, we recorded an explosion,” police spokesman Nahum Daso told journalists.
Daso said in a statement late on Wednesday that the “incident may have been a suicide bombing, based on the recovery of fragments of a suspected suicide vest and witness statements.”
Police officials have been deployed to markets, worship centers and other public places in the wake of the blast.
Nigeria has been battling a jihadist insurgency since 2009 by jihadist groups Boko Haram and an offshoot, Islamic State West Africa Province (ISWAP), in a conflict that has killed at least 40,000 and displaced around two million from their homes in the northeast, according to the UN.
Although the conflict has been largely limited to the northeastern region, jihadist attacks have been recorded in other parts of the west African nation.
Maiduguri itself — once the scene of nightly gunbattles and bombings — has been calm in recent years, with the last major attack recorded in 2021.
