TechBizWebTechBizWeb

    Subscribe to Updates

    Get the latest news about Technology and Business from all around the web..

    What's Hot

    I’ve been getting tons of “wrong number” spam texts, and I don’t hate it?

    July 3, 2022

    DeSantis benefits from ‘Trump fatigue’ ahead of possible 2024 face-off

    July 3, 2022

    Germany and Ireland attack Boris Johnson over Northern Ireland rules

    July 3, 2022
    Facebook Twitter Instagram
    • About Us
    • Privacy Policy
    • Guest Post
    • Terms
    • Contact
    Facebook Twitter Instagram
    TechBizWebTechBizWeb
    Subscribe
    • Home
    • Technology

      I’ve been getting tons of “wrong number” spam texts, and I don’t hate it?

      July 3, 2022

      Tesla’s run of record quarterly deliveries comes to an end thanks to China’s COVID shutdowns

      July 2, 2022

      Virgin Orbit successfully launches satellites during first night mission

      July 2, 2022

      Meta’s shutting down its digital wallet, Novi

      July 2, 2022

      TCL 30 XE 5G review: not bad for $200

      July 2, 2022
    • Business
    • Cyber Security

      Tips to bolster cybersecurity, incident response this 4th of July weekend

      July 1, 2022

      Jon Raper named CISO at Costco

      July 1, 2022

      2022 RSAC takeaways: Risk management vs compliance

      July 1, 2022

      3 security lessons we haven’t learned from the Kaseya breach

      July 1, 2022

      Auston Davis named CISO at Versant Health

      June 30, 2022
    • Blockchain
    • Vulnerabilities
    • Social Engineering
    • Malware
    • Cyber Security Alerts
    TechBizWebTechBizWeb
    Home»Cyber Security»Former U.S. Air Force Officer Indicted for Aiding Iranian Cyber Attacks
    Cyber Security

    Former U.S. Air Force Officer Indicted for Aiding Iranian Cyber Attacks

    February 14, 2019Updated:February 14, 2019No Comments5 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp
    Share
    Facebook Twitter LinkedIn Pinterest Email


    Former Air Force intelligence officer, Monica Elfriede Witt, has been charged with betraying her oath to protect and defend the United States and providing secret U.S. information to the Iranian government. Four named Iranian citizens affiliated with the Iranian Revolutionary Guard Corps (IRGC), have also been charged with various cyber-related conspiracies using information provided by Witt.

    The charges were unveiled Wednesday in a grand jury indictment (PDF) following four years of investigation by the FBI and the Air Force Office of Special Investigations (AFOSI). The named Iranians are Mojtaba Masoumpour, Behzad Mesri, Hossein Parvar, and Mohamad Paryar.

    Witt joined the Air Force in 1997 and served as a special agent with AFOSI with access to top secret information — including the true identity of intelligence sources and other U.S. agents. She served until 2008, but then did two further years DOD work as a contractor.

    She converted to Islam in 2012. In June 2012, she was visited in the U.S. by a ‘spotter’ for the Iranian government, described in the indictment as ‘Individual A’. With his assistance, she defected to Iran in August 2013.

    The indictment alleges that in 2015 her special knowledge of U.S. agents helped the four Iranians craft and deliver spear-phishing messages that could have led to major computer intrusions on U.S. government networks. The primary targets are specified in the indictment as Agents 1 through 8. 

    In one attempt, the Iranians (the conspirators) created a fake Facebook account in the name of Bella Wood, and sent a ‘friend’ request to Agent 2. This was accepted. This allowed them to later email Agent 2 as a known friend (bella.wood87(at)yahoo.com) with a ‘friend’ card. The email link to the card, had it been clicked, would have taken the agent to a server controlled by the conspirators.

    Agent 2 did not click the link, but the conspirators now knew that the email had been opened via a DOD network located in Kabul, Afghanistan. They sent a second email offering photos of Bella Wood, but claiming Agent 2 would need to deactivate his anti-virus in order to get them, and that “they should be opened in your computer honey.” The link again went to the conspirators’ server.

    In another attack, the conspirators created an imposter Facebook account in the true name of Agent 3, using information and photos from Agent 3’s legitimate Facebook account. This account sent a friend request to Agent 1, who accepted. The imposter account subsequently messaged Agent 1 with an attachment purporting to be a JPG file. Had it been opened, it would have launched malware able to give the conspirators “covert, persistent access on USG Agent 1’s computer and any associated network.”

    The same imposter account simultaneously friended Agent 4, and subsequently asked for help in opening a photo album that wouldn’t work on the imposter’s laptop. Agent 4 simply defriended the imposter.

    Agent 5, however, both friended the imposter and added it to a private Facebook group ‘composed primarily of USG Agents’. “By joining the group,” says the indictment, “the Cyber Conspirators obtained greater access to information regarding USG Agents.”

    Two months later, the imposter account sent separate messages to Agents 2,6,7 and 8. Each contained a link to what appeared to be a legitimate news story. The message asked if the article was about the recipient, but the link was directed to a page controlled by the conspirators. It isn’t clear from the indictment whether this was entirely spoofed, or whether the conspirators had compromised the news agency and set up a fake page within it.

    Outside of Facebook, the conspirators attempted email spear-phishing. They designed an email that appeared to come from Agent 7, using his true name followed by ‘@ogn.af.mil’, which is a genuine U.S. government domain. The indictment does not clarify who this email was sent to, nor what it contained.

    The conspirators also designed a ‘reset password’ email that appeared to come from ‘[email protected]‘. Had it been accepted as genuine, it would have given the conspirators the Agents’ true Facebook account credentials — but again, the indictment gives no further details.

    In announcing the allegations, Assistant Attorney General Demers said, “Monica Witt is charged with revealing to the Iranian regime a highly classified intelligence program and the identity of a U.S. Intelligence Officer, all in violation of the law, her solemn oath to protect and defend our country, and the bounds of human decency,” 

    He continued, “Four Iranian cyber hackers are also charged with various computer crimes targeting members of the U.S. intelligence community who were Ms. Witt’s former colleagues. This case underscores the dangers to our intelligence professionals and the lengths our adversaries will go to identify them, expose them, target them, and, in a few rare cases, ultimately turn them against the nation they swore to protect.  When our intelligence professionals are targeted or betrayed, the National Security Division will relentlessly pursue justice against the wrong-doers.”

    Witt and the four Iranian conspirators are all believed to be in Iran. Arrest warrants have been issued, and they will be arrested if they leave the country.

    Related: Facebook Takes Down Vast Iran-led Manipulation Campaign 

    Related: Iran-Linked Hackers Use Just-in-Time Creation of Weaponized Attack Docs 

    Related: Iran Hackers Hunt Nuke Workers, US Officials 

    Related: Israel Blocks Iran Cyber-attacks ‘Daily’: Netanyahu 

    Related: U.S. Charges Two Iranians Over SamSam Ransomware Attacks 

    Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

    Previous Columns by Kevin Townsend:
    Tags:



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    Tips to bolster cybersecurity, incident response this 4th of July weekend

    July 1, 2022 Cyber Security

    Jon Raper named CISO at Costco

    July 1, 2022 Cyber Security

    2022 RSAC takeaways: Risk management vs compliance

    July 1, 2022 Cyber Security

    3 security lessons we haven’t learned from the Kaseya breach

    July 1, 2022 Cyber Security

    Auston Davis named CISO at Versant Health

    June 30, 2022 Cyber Security

    Lessons learned from slew of recent data breaches

    June 30, 2022 Cyber Security
    Editors Picks

    DeSantis benefits from ‘Trump fatigue’ ahead of possible 2024 face-off

    July 3, 2022

    Germany and Ireland attack Boris Johnson over Northern Ireland rules

    July 3, 2022

    Biden administration split on whether to remove China tariffs

    July 3, 2022

    Covid vaccines: how can immune imprinting help experts to rethink jabs?

    July 3, 2022
    Trending Now

    Special treatment for Tesla not in India’s ‘interest’, Ola says

    By techbizweb

    NFT Sales Slide to a 12-Month Low Amid Crypto Meltdown

    By techbizweb

    China’s rise pushes Asia-Pacific nations to embrace Nato

    By techbizweb

    https://www.nationalsportsacademy.com

    slot gacor hari ini

    http://www.inadesfo.org/

    http://www.eueomgbissau.org/

    http://www.congo-mai-mai.net/

    http://www.angelesdelafrontera.org/

    http://fifaworldcup2018schedule.com/

    http://tony4gtrmcr.co.uk/

    http://www.standrewsagreement.org/

    http://www.bob-russell.co.uk/

    http://davidmulholland.co.uk/

    http://railwayhotelenniskillen.com/

    http://www.fantasysportstrades.com/

    http://www.rainleaf-flooring.com

    http://mothersagainstguns.org/

    http://ma-coc.org/

    slot online

    http://www.paradoxmag.com/situs-judi-slot-online-gampang-menang-2021/

    http://www.paradoxmag.com/situs-judi-slot-online-terbaru-2021/

    http://slot-terbaru.net/

    Slot Gacor

    Slot Online

    Situs Slot Gacor

    http://www.appdexterity.com/

    https://cars4kids-deutschland.de/

    https://www.stretchingculture.com/

    https://www.b-123-hp.com/slot-gacor/

    https://denzstaffing.nl/

    https://ezbbqcooking.com/slot-gacor/

    https://www.mbahelp24.com/slot-gacor

    https://minhtanstore.com/slot-jackpot-terbesar/

    https://njbpusupplierdiversity.com/slot-gacor-gampang-menang/

    https://www.floridaspecialtycropfoundation.org/slot-gampang-menang/

    https://childrenscornerpreschool.org/slot-gacor-gampang-menang/

    https://cryptoquoter.com/slot-online-terbaik/

    https://alorkantho24.com/slot-gacor/

    https://ellas.xyz/slot-gacor/

    https://it.dougamatome.xyz/slot-online/

    https://www.daltercume.com/slot-gacor/

    https://josi-ana.dougamatome.xyz/slot88/

    https://josi-ana.dougamatome.xyz/slot-gacor/

    https://fastobserver.com/slot-jackpot-terbesar/

    https://www.planetexperts.com/slot-gacor/

    https://bfsolution.group/slot-bet-kecil/

    https://rustleva.co/slot/

    https://bfsolution.group/slot-bet-kecil/

    https://www.hotelcalimareal.com/togel-online/

    https://anime-game.dougamatome.xyz/slot-gacor-gampang-menang/

    https://anime-game.dougamatome.xyz/togel-online/

    https://bourbonbarrelfoods.com/slot/

    http://suneo39.wp.xdomain.jp/slot/

    https://techbizweb.com/slot-gacor/

    https://www.generalcatalyst.com/18-daftar-slot-gacor-terbaik-gampang-menang-jackpot-hari-ini/

    https://www.hotelcalimareal.com/slot-online/

    https://www.blockgates.io/slot-gacor/

    https://l12.com.br/slot-gacor/

    slot paling gacor

    https://www.donalds-hobby.com/slot-online/

    https://thecryptodirt.com/slot-gacor-hari-ini/

    http://iseta.edu.ar/aulavirtual/app/upload/users/1/1205/my_files/sbobet.html

    http://escuelavirtual.mincit.gov.co/app/upload/users/1/194/my_files/slot.html

    https://www.dev.medecinesfax.org/courses/JUDICASINO/document/slot.html

    http://www.e-archivos.org/cursos/courses/JUDICASINO/document/slot-gacor.html

    http://iesma.com.br/ead/main/upload/users/4/447/my_files/slot.html

    https://www.fundacoop.org/chamilo/app/upload/users/1/1185/my_files/slot.html

    https://fata-aatf.org/eskola/main/upload/users/3/31/my_files/slot.html

    https://uancv.edu.pe/ofinvestigacion/app/upload/users/3/328/my_files/slot-terlengkap.html

    https://micost.edu.my/EL/app/upload/users/2/209/my_files/slot-gacor.html

    https://www.academiacoderdojo.ro/elearningdev/app/upload/users/2/2442/my_files/slot-online.html

    http://campus-cidci.ulg.ac.be/courses/JUDICASINO/document/slot-termurah.html

    https://www.escueladerobotica.misiones.gob.ar/aula-ste/courses/LIVECASINO/document/slot-tergacor.html

    http://ccdipeepccqqfar.usac.edu.gt/chamilo/app/upload/users/3/358/my_files/slot-online.html

    https://cunori.edu.gt/campus/app/upload/users/7/7334/my_files/slot-online.html

    http://u-rus.com.ar/aula/app/upload/users/1/1322/my_files/slot.html

    http://icrodarisoveria.edu.it/chamilo/app/upload/users/1/1855/my_files/slot.html

    https://iestpliliagutierrez.edu.pe/clarolgm/courses/CASINO/document/slot.html

    http://pva.cobach.edu.mx/app/upload/users/7/7379/my_files/slot.html

    http://www.imb-pc-online.edu.gt/PL/app/upload/users/3/373/my_files/slot.html

    http://avcs.upeu.edu.pe/main/upload/users/3333/my_files/slot.html

    https://chamilo.fca.uas.edu.mx/app/upload/users/1/11186/my_files/slot-online/

    TechBizWeb
    Facebook Twitter Instagram Pinterest Vimeo YouTube
    • Home
    • Guest Post
    • About Us
    • Privacy Policy
    • Our Authors
    • Terms and Conditions
    • Contact
    © 2022 Tech Biz Web. Developed by Sawah Dev.

    Type above and press Enter to search. Press Esc to cancel.