Expanded attacks launched by Iranian threat operation

Iranian hacking operation Charming Kitten, also known as TA453, APT42, and Phosphorous, has expanded its operations to target critical infrastructure, medical researchers, and U.S. politicians, CyberScoop reports. Travel agencies, a realtor involved in the sale of properties near the U.S. Central Command headquarters, and an aerospace engineer have also been targeted by outlier Charming Kitten campaigns, a report from Proofpoint revealed. Charming Kitten malware has also been associated with an attack against former National Security Adviser John Bolton's "close affiliate," according to the report. Moreover, at least three social engineering campaigns conducted by Charming Kitten involved the use of the "Samantha Wolf," the first of which was targeted at an energy company in the Middle East while succeeding attacks were aimed at a U.S.-based academic and senior U.S. and European government officials. "We believe that this activity reflects the groups flexible mandate and possible ad hoc support to hostile operations by Iranian state actors, including the Islamic Revolutionary Guard Corps," said Proofpoint Vice President of Threat Research and Detection Sherrod DeGrippo.