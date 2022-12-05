MOSCOW (UrduPoint News / Sputnik - 05th December, 2022) Tehran-backed hackers targeted two employees of Human Rights Watch (HRW) and almost 20 other senior activists, journalists, researchers, scientists, diplomats and politicians working on middle East issues as part of an ongoing identity phishing campaign, the watchdog said on Monday.

"Hackers backed by the Iranian government have targeted two Human Rights Watch staff members and at least 18 other high-profile activists, journalists, researchers, academics, diplomats, and politicians working on Middle East issues in an ongoing social engineering and credential phishing campaign," HRW said in a statement.

The watchdog's investigation attributed the phishing attack to an entity affiliated with the Iranian government known as APT42, the statement read. Email and other sensitive data of at least three of the 18 people affected were compromised, including a correspondent for a major US newspaper, a women's rights advocate based in the Gulf region, and an advocacy consultant for the Refugees International humanitarian organization, based in Lebanon.

"Iran's state-backed hackers are aggressively using sophisticated social engineering and credential harvesting tactics to access sensitive information and contacts held by Middle East-focused researchers and civil society groups.

This significantly increases the risks that journalists and human rights defenders face in Iran and elsewhere in the region," Abir Ghattas, information security director at HRW, said.

According to HRW, social engineering and phishing attempts remain key components of Iranian cyber attacks. Since 2010, Iranian operators have targeted members of foreign governments, military and business circles, as well as political dissidents and human rights activists, the organization noted.

In September, US cybersecurity firm Mandiant said that APT42 was very likely sponsored by Iran to target individuals and organizations at home and abroad. The company found that the cyber espionage group has been active since at least 2015 and has sought to hack the e-mail accounts of Western government officials, former Iranian policymakers or political figures, members of the Iranian diaspora and opposition groups, Western journalists, think tanks and academics who studied Iran.