Iranian hackers pose as female to honeypot defence contractor

An Iranian linked hacking group spent years cultivating a Facebook profile to target a defence contractor with malware, cyber security company Proofpoint has found.

A multi-year campaign by an Iranian hacking group considered to be linked to the Islamic Revolutionary Guard Corps (IRGC) to hack the computer of a defence contractor was uncovered by cyber security company Proofpoint this week.

Carefully crafting the character Marcela (Marcy) Flores, the hackers added their target as a friend on Facebook in late 2019 before kickstarting their online friendship by exchanging messages in November of the following year. The cyber criminals finally struck in June 2021, attempting to infect the target’s computer with malware via an email.

The target works as a defence contractor in the aerospace industry in the US.