Cybersecurity researchers have identified a scheme involving Iranian hackers posing as job recruiters to target software engineers, particularly in the aviation and oil sectors. The malicious campaign coincided with the ongoing conflict between the US and Israel and Iran, utilizing fake job advertisements and compromised video conferencing platforms.
According to experts from Palo Alto Networks’ Unit 42, the hackers have primarily aimed at organizations in the aviation and oil industries, including a US oil and gas firm, as well as entities in Israel and the UAE. Although no breaches of these specific firms have been confirmed, there are indications that other targets may have been compromised.
The initiative reflects a broader asymmetric threat that US intelligence has highlighted, especially following military actions against Iran in February. The hackers’ approach included impersonating a US airline, emphasizing their intent to gather intelligence that could aid Iran's strategic positioning amid external pressures.
While US officials remain vigilant for signs of Iranian cyber activities impacting critical infrastructure, the Aviation Information Sharing and Analysis Center has noted that the recent espionage efforts have not demonstrated successful incursions into major aviation and oil companies.