In January, SecureWorks found that Cobalt Gypsy targeted a Middle Eastern company with phishing attacks that appeared to come from legitimate email addresses at a variety of information technology firms. Those phishing emails contained the same malware, called PupyRAT, Mia sent to her victim.
According to new research from security firm SecureWorks, a hacking group linked to Iran is believed to be behind the staling of accounts in Linkedin. Their intent is to steal credentials from employees who would have access to their companies’ computer networks.
SecureWorks calls the hacking group Cobalt Gypsy, also known as OilRig by other researchers. The group has previously targeted Saudi Arabian oil, financial and tech executives, as well as Israeli corporate networks.