Iranian hackers ramp up digital attacks on U.S. political campaigns

Elections are coming up, and threat actors are ramping up efforts to manipulate voters and attack political campaigns. Cybersecurity researchers have discovered new network infrastructure set up by Iranian hackers, aimed at targeting US political campaigns. They use phishing emails and links to trick users into installing malicious software, often pretending to be cloud services.

What you need to know

The infrastructure has been discovered by Recorded Future’s Insikt Group, which has been tracking it since June 2024. The cybersecurity company has linked the infrastructure to GreenCharlie, an Iran-nexus cyber threat group with connections to Mint Sandstorm, Charming Kitten, and APT42.

“GreenCharlie’s phishing operations are highly targeted, often employing social engineering techniques that exploit current events and political tensions,” Recorded Future said.

The hackers have set up their systems very carefully, using specific services to create websites for phishing attacks. These fake websites often look like they belong to cloud services, file-sharing platforms, or document-viewing tools to trick people into sharing personal information or downloading harmful files.

Some examples of these fake website names include “cloud,” “uptimezone,” “doceditor,” “joincloud,” and “pageviewer.” Most of these sites were registered under the .info top-level domain, a change from domains like .xyz, .icu, and .online that the hackers used in the past.
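One way a defender could turn the naming pattern above into a triage rule over web-proxy logs. This is an added example, not from the original article or from Recorded Future. The log format, allowlist, weights and threshold are assumptions, and the sample hostnames are constructed.

```python
from urllib.parse import urlsplit

# Keywords/TLDs are from the article; longest first so "joincloud" beats "cloud".
KEYWORDS = ("uptimezone", "pageviewer", "doceditor", "joincloud", "cloud")
TLD_WEIGHT = {"info": 2, "xyz": 1, "icu": 1, "online": 1}  # current vs. past TLDs
ALLOWLIST = {"icloud.com"}  # assumption: domains your organisation trusts
THRESHOLD = 3               # assumption: keyword (2) plus any listed TLD

def hostname_of(value):
    """Return the lowercase hostname of a URL or a bare host name."""
    if "://" not in value:
        value = "//" + value
    return (urlsplit(value).hostname or "").rstrip(".")

def score_host(value):
    """Score one URL/host as (score, reasons).

    Simplification: the last two labels are treated as the registered domain.
    """
    labels = hostname_of(value).split(".")
    if len(labels) < 2 or ".".join(labels[-2:]) in ALLOWLIST:
        return 0, []
    score = TLD_WEIGHT.get(labels[-1], 0)
    reasons = ["tld:." + labels[-1]] if score else []
    name = ".".join(labels[:-1])
    hit = next((k for k in KEYWORDS if k in name), None)
    if hit:
        score += 2
        reasons.append("keyword:" + hit)
    return score, reasons

def triage(log_lines):
    """Return (user, host, score, reasons) for lines at or above THRESHOLD."""
    flagged = []
    for line in log_lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines instead of crashing
        score, reasons = score_host(parts[2])
        if score >= THRESHOLD:
            flagged.append((parts[1], hostname_of(parts[2]), score, reasons))
    return flagged

SAMPLE_LOG = [  # constructed proxy log lines: <time> <user> <url>
    "2024-09-01T12:00:01Z alice https://www.icloud.com/mail",
    "2024-09-01T12:03:10Z bob https://joincloud.constructed-sample.info/view?id=1",
    "2024-09-01T12:04:55Z carol http://pageviewer-docs.constructed-sample.xyz/",
    "2024-09-01T12:06:00Z dave https://news.constructed-sample.info/",
]
if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

A keyword alone or a listed TLD alone stays below the threshold, which keeps ordinary .info sites and legitimate "cloud" hostnames out of the results.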

 

It’s not their first rodeo

The threat actors are known for launching highly targeted phishing attacks, where they use sophisticated social engineering tricks to infect users with malware. Some of the malware they use includes POWERSTAR (also known as CharmPower and GorjolEcho) and GORBLE, which was recently identified by Google’s Mandiant as being used in attacks against Israel and the U.S.

“Iran and its associated cyber-espionage actors have consistently demonstrated both the intent and capability to engage in influence and interference operations targeting US elections and domestic information spaces. These campaigns are likely to continue utilizing hack-and-leak tactics aimed at undermining or supporting political candidates, influencing voter behavior, and fostering discord,” noted the cybersecurity company.

 

Phishing attacks are more advanced than ever

A phishing email or message is often the start of a cyber attack. Hackers send you a link that is designed to look legitimate, but it’s not. Instead, it delivers malware to your computer, giving hackers access to your system and allowing them to steal your money and data. You can’t blame yourself if you don’t recognize a phishing link.

Earlier this month, I reported on malware called ‘Voldemort,’ which tricks people into clicking malicious links by pretending to be a government agency. This highlights how clever these scammers are in using deceptive techniques to infect your devices.

The best way to protect yourself from malicious links that install malware, which may gain access to your private information, is to have antivirus protection installed on all your devices. It can also alert you to phishing emails and ransomware scams.

My top pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.  

4 additional ways to protect yourself from phishing attacks

To protect yourself from phishing attacks that use fake cloud services and other deceptive tactics, here are some specific steps you can take.

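1) Verify website URLs: Always check the URL of a website before entering any sensitive information. Look for signs of a secure connection, such as “https://” and a padlock symbol in the browser’s address bar. Keep in mind that a padlock only means the connection is encrypted, not that the site is legitimate, since phishing sites routinely use HTTPS too; the domain name itself is what you need to check. Be cautious of slight misspellings or unusual domain extensions like .info.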

 

2) Invest in data removal services: Hackers target you based on your publicly available information. That could be anything from your leaked info through a data breach to the information you provided to an e-commerce shop.

A service like Incogni can help you remove all this personal information from the internet. It has a very clean interface and will scan 195 websites for your information and remove it and keep it removed.

Special for CyberGuy Readers (60% off): Incogni offers a 30-day money-back guarantee and then charges a special CyberGuy discount, available only through the links in this article, of $5.99/month for one person (billed annually) or $13.19/month for your family (up to 4 people) on their annual plan. You get a fully automated data removal service, including recurring removal from 190+ data brokers. You can add up to 3 emails, 3 home addresses and 3 phone numbers (U.S. citizens only) and have them removed from data-broker databases.

I recommend the family plan because it works out to only $4.12 per person per month for year-round coverage. It’s an excellent service, and I highly recommend at least trying it out to see what it’s all about.

3) Keep software and systems updated: Regularly updating your operating system, browsers, and security software is crucial to protect against vulnerabilities that hackers could exploit. Updates often include security patches, bug fixes, and performance improvements. Enable automatic updates to ensure you don’t miss important patches. Manually check for updates if automatic options aren’t available. Staying current helps maintain device security and functionality.

 

4) Use strong, unique passwords: Employ strong, unique passwords for each account to prevent unauthorized access. Create passwords with a mix of letters, numbers, and symbols, and avoid using the same password for multiple accounts. Consider using a password manager to securely store and generate complex passwords. It will help you to create unique and difficult-to-crack passwords that a hacker could never guess.

One of the best password managers out there is 1Password. With no known security breaches or vulnerabilities, 1Password is a solid option as a paid password manager. It utilizes a well-designed interface, which features core components that are expected from premium, paid password managers. At the time of publishing, it starts at $2.99 a month, billed annually, for a total of $35.88/year, and you can save more with a family option which includes 5 family members for $60/year.

Kurt’s key takeaway

US elections not only matter to Americans but also to the rest of the world, which is one reason foreign adversaries are attempting to manipulate the campaigns. Hackers are working hard to infect people’s devices to conduct espionage, spread misinformation, and cause financial losses. The best thing you can do is stay alert, avoid clicking any links you don’t trust, and invest in antivirus software. Hackers are changing their methods, so it’s important to take advantage of the available tools to protect yourself.

Do you verify the authenticity of a website or email before clicking on links or providing personal information? Let us know in the comments below.

Copyright 2024 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.
