Charming Kitten Campaign involved new impersonation methods


Iran-linked APT group Charming Kitten employed new spear-phishing methods in attacks carried out between August and September.

Security experts at ClearSky analyzed attacks recently uncovered by Microsoft that targeted a US presidential candidate, government officials, journalists, and prominent expatriate Iranians. Microsoft Threat Intelligence Center (MSTIC) observed the APT group making more than 2,700 attempts to identify consumer email accounts belonging to specific Microsoft customers and then attack 241 of those accounts.

ClearSky researchers pointed out that these attacks represent a shift in the group tactics because this is the first time that the Charming Kitten group attempted to interfere in the elections of a foreign country.

The experts said, with medium-high confidence, that the campaign uncovered by Microsoft is the same campaign they observed over the past several months.