International diplomat-targeted spear-phishing launched by Iranian hackers

Numerous embassies, consulates, and international entities around the world, particularly in Europe and Africa, have been targeted by Iranian hackers linked to the Homeland Justice operation in a widespread coordinated spear-phishing campaign, reports The Hacker News.

Malicious emails purporting to be legitimate diplomatic messages tackling the ongoing Israel-Iran conflict have been used by attackers to distribute an illicit Microsoft Word file that lures recipients into enabling content that would eventually result in the deployment of data exfiltrating malware, according to an analysis from Israeli cybersecurity firm Dream.

Threat actors have used more than 100 email addresses from government officials and government organizations, including the Oman Ministry of Foreign Affairs in Paris, to deliver the nefarious emails. Such findings follow a ClearSky report detailing the exploitation of the Oman Ministry of Foreign Affairs in a phishing campaign against foreign ministries.

"Similar obfuscation techniques were used by Iranian threat actors in 2023 when they targeted Mojahedin-e-Khalq in Albania. We assess with moderate confidence that this activity is linked to the same Iranian threat actors," said Clearsky in a post on X, formerly Twitter.