CryptocurrencyCyber CrimeHackingInfrastructureIntelligenceLandscapesNational DefenseNational SecurityOSINTSecurityTerrorism

State Sponsored Spying Malware Attacks On Journalists

State-sponsored hackers from China, North Korea, Iran and Turkey have been regularly spying on and impersonating journalists from various media outlets in an effort to infiltrate their networks and gain access to sensitive information, according to a report released on Thursday by cybersecurity firm Proofpoint.

The report reveals that government-backed hackers used various tools to target journalists, including sending phishing emails to gain access to reporters’ work emails, social media accounts and networks.

The report also suggested that state-sponsored hackers routinely pose as members of the media because of the “unique access and information they can provide,” to those countries’ governments.

The hackers could potentially use information they obtained from compromised accounts to spread pro-state propaganda and influence “a politically charged atmosphere.”

“A well-timed, successful attack on a journalist’s email account could provide insights into sensitive, budding stories and source identification,” the report said.

In one of the operations, the report found that since early 2021, Chinese-backed hackers engaged in numerous phishing attacks mainly targeting U.S.-based journalists covering U.S. politics and national security.

Some of the malicious emails would have subject lines pulled from recent U.S. headlines, including “Trump call to Georgia official might violate state and federal law,” “US issues Russia threat to China,” and “Jobless benefits run out as Trump resists signing relief bill.”

The attacks also appeared to surge during moments that garnered international attention. For instance, the researchers found an increase in phishing attacks against journalists in the days leading up to the Jan. 6 insurrection.

The researchers concluded their report with a warning to journalists to protect themselves and their sources because these types of attacks are likely to persist as state-sponsored hackers attempt to gather more sensitive information and manipulate public perception.

From The Shadows Emerges Knowledge