Microsoft says it has thwarted a series of cyberattacks by Iranian hacking group Phosphorus targeting attendees to two high-profile international conferences.
Microsoft’s Threat Intelligence Information Center (MSITC) says it’s detected and intercepted attempts by the nation-state group to harvest credentials of more than 100 “high-profile individuals” thought to be attending the upcoming Munich Security Conference, as well as the Think 20 (T20) Summit in Saudi Arabia.
According to Microsoft, the group posed as event organizers and sent spoofed invitations to the victims via email, with the intention of fooling them into giving up information.
SEE: Network security policy (TechRepublic Premium)
The emails were written in “near-perfect English” and were sent to former government officials, policy experts, academics and leaders from non-governmental organizations, Microsoft said.
It’s unclear whether any compromising information was given up to the group, although Microsoft said that event organizers had been made aware of the hacking attempt,