Russian Hackers are now launching cyber attacks embedded in social media posts and the latest victim who fell victim to this spear phishing campaign is a top official from Pentagon.
According to Times Magazine, Russian hackers are now launching cyber attacks on government officials of United States by attaching malicious links to Twitter posts. The news resource adds that the accounts which launch these campaigns are usually operated by bots which invite users to click on malicious links.
The links are titled with some attention seeking captions like family friendly vacation package for the summer or tweet from US President. But in reality, these tweets are fake and have phishing campaigns embedded in them.
According to cyber security experts of Kaspersky, hackers have turned intelligent as they have stopped email phishing campaigns and have started to use social media posts to break into the Defense Department’s Computer Network. And due to human negligence or errors, many people are falling victim to such posts.
Experts say that once an attack is launched and a victim falls prey, hackers are moving quickly through that person’s friend network, leading to a situation where the entire department at the Pentagon could be targeted.
Accounts from Twitter and Facebook are being used as launch vehicles of such attacks and reports say that more than 10K Twitter accounts belonging to the department of defense have been spear phished with personal messages targeted to specific users.
In an experiment last year, a company named ZeroFox tried to mimic the hackers’ campaign by launching an automated program that was tweaked to send spear phishing links to Twitter users. In over two hour’s time, the campaign sent links to around 819 people, at a rate of roughly 6.75messages per minute. Out of them 275 users opened the link and were marked as easy targets to hackers.
So, the experiment proved how vulnerable are those using Twitter and Facebook especially those from military and defense sector who are using social media