Warning As Iranian State Hackers Target LinkedIn Users With Dangerous New Malware

TL;DR – don’t click links without thinking:

[…] According to a FireEye blog post published on Thursday (July 18), the campaign targets specific industries that are clearly of interest to the regime in Teheran: “This threat group has conducted broad targeting across a variety of industries operating in the Middle East—however, we believe APT34’s strongest interest is gaining access to financial, energy, and government entities.”

In the reference case cited by FireEye, the counterfeit invitations masqueraded as coming from a Cambridge University researcher, with a plausible URL for the download of malicious attachments. “The targeted employee conversed with ‘Rebecca Watts’, allegedly employed as ‘Research Staff at the University of Cambridge’. This is not the first time we’ve seen APT34 utilize academia and/or job offer conversations in their various campaigns.”


Original article here