RESEARCHERS have spotted a sophisticated email phishing attack, and it's said to come from a threat actor known as Charming Kitten.
Experts said Charming Kitten is based in Iran and aims to distribute a new version of a type of malware called Powerstar.
Cyber specialists at Volexity explained the phishing attack on their blog.
They said: "Spear-phishing campaigns now often involve individual, tailored messages that engage in dialogue with each target, sometimes over a period of several days, before a malicious link or file attachment is ever sent."
They added: "One threat actor Volexity frequently sees employing these techniques is Charming Kitten, who is believed to be operating out of Iran.
"Charming Kitten appears to be primarily concerned with collecting intelligence by compromising account credentials and, subsequently, the email of individuals they successfully spear phish.
"The group will often extract any other credentials or access they can, and then attempt to pivot to other systems, such as those accessible via corporate virtual private networks (VPNs) or other remote access services."
Volexity experts found a situation in which the threat actor was pretending to be a reporter in order to gain the trust of an individual they wanted to steal from.
The target was someone who had just published an article about Iran.
Charming Kitten then spoofed an email address in order to send malware to the inbox of the victim.
The Volexity researchers explained: "Prior to sending malware to the target, the attacker simply asked if the target would be open to reviewing a document they had written related to US foreign policy.
"The target agreed to do so, since this was not an unusual request; they are frequently asked by journalists to review opinion pieces relating to their field of work."
This technique is commonly used by cybercriminals to convince victims to download malware.
Even if you receive an email from someone you trust, it's still worth exercising caution before you click on any links or download any documents.
Malware can ruin your device and also steal important data.
If you receive a suspicious email at work it's always worth reporting it.