Iran Planned to Trap Spies by Creating Fake Companies

---

A new study by the American cybersecurity company Mandiant, a subsidiary of Alphabet, revealed that an Iranian hacking group ran a network of fake human resources companies to trap spies among national security officials in Iran, Syria, and Lebanon.

• Washington Post reveals how Lebanese pay the price for Iranian threats and ongoing Hezbollah-Israel clashes

• Iranian Attempt to Hack Accounts of U.S. Presidential Campaign Officials

The researchers indicated that the hackers are somehow linked to a group known as APT42 or Charming Kitten, which was recently accused of hacking the U.S. presidential campaign of Republican candidate Donald Trump.

The group is widely attributed to an intelligence division of the Iranian Revolutionary Guard. The FBI has stated that it is investigating the group’s ongoing attempts to interfere in the 2024 U.S. elections.

• Fearing Devastating Effects, Iranian President Urges Supreme Leader Not to Attack Israel

• The Assassination of Haniyeh Puts 20 People Under Arrest and Investigation in Iran: What Does This Mean?

The group has been active since at least 2017 and was recently still active. At various times, the Iranians made their operation appear as if it was run by Israelis. Analysts suggest that the probable purpose of this deception was to identify individuals in the Middle East willing to sell secrets to Israel and other Western governments. The group targeted military and intelligence personnel associated with Iran’s allies in the region.

Mandiant’s report stated that “the data collected through this campaign could help Iranian intelligence identify individuals willing to cooperate with countries hostile to Iran. The collected data could be used to uncover intelligence operations against Iran and pursue any Iranian suspected of involvement in these operations.”

• New York Times Reveals: Iranian Supreme Leader Ordered Direct Strike on Israel

• Who is the leader Ziyad al-Nakhalah, companion of Haniyeh before his death in Iran?

The company found that the spies used a network of websites impersonating human resources companies to manipulate targeted Persian-speaking individuals.

Among these fake companies were VIP Human Solution, also known as VIP Recruitment, Optima HR, and Kandovan HR.

They leveraged dozens of fake online profiles on platforms like Twitter, Telegram, YouTube, or Verasti, a popular platform in Iran, to promote the fake companies. Almost all accounts associated with these operations have now been deleted from the internet.

• Nasrallah and Hamas Meeting: An Indication of Support and Escalation or an Attempt at Calm?

• Leaks from the Secret Meeting: Iran Refuses to Support Hezbollah and its Iraqi Militias Against Israel

A statement on one of the websites read: “VIP Recruitment is a recruitment center for respected military personnel in the army, security, and intelligence services from Syria and Hezbollah in Lebanon. Join us to help each other influence the world. We have to protect your privacy.”

The hackers created a vast network using different social media platforms to spread links to their fake companies. It is unclear how many targets ultimately fell into the trap.

• Associated Press: Iran Develops its Nuclear Program by Installing a Series of Centrifuges

• A Hypersonic Missile: The secrets of Iranian funding for Houthi armament

Mandiant said that the collected data, including addresses, contact information, and other details related to resumes, could still be exploited in the future.

Iran has been accused of attempting to influence the U.S. presidential elections through the campaigns of Trump and Democratic candidate Kamala Harris, though Iranian authorities deny all these charges.