Iranian hackers posed online as an aerobics instructor from England during a years-long operation to lure workers with US defence companies into divulging sensitive information, cyber security analysts say.
The group, known as TA456 or Tortoiseshell, sought out staff in subsidiaries and contractors in an effort to use them as a way to compromise larger companies in the supply chain, analysts at Proofpoint said.
One of the fake identities was Marcella Flores, who appeared to be a glamorous aerobics instructor and university graduate from Liverpool in north-west England.
The persona, operating on Facebook, Instagram and other social media sites, cultivated relationships with target employees before attempting to secretly compromise their computers, according to Proofpoint.
The Flores Facebook profile included a phrase in Spanish beneath "her" photo: “When the melody sounds, the footsteps start moving, the heart sings and the spirit starts dancing.”
Between November 2020 and June, the hackers used the Flores persona to send benign messages, photographs and a coquettish video to an intended victim who worked for a subsidiary of an aerospace contractor.
After attempting to build a trust relationship, the Flores account sent a fake survey about eating habits that was laced with malware that could steal usernames, passwords and other data from the infected computer. The email was signed "Marcy".
It was not clear if the hackers, believed to be aligned with the Islamic Revolutionary Guard Corps, successfully obtained data from their target.
“TA456's years-long dedication to significant social engineering, benign reconnaissance of targets before deploying malware, and their cross-platform kill chain makes them a very resourceful threat and signifies that they must be experiencing success in gaining information that meets their operational goals,” said Sherrod DeGrippo, senior director of threat research and detection at Proofpoint.
Proofpoint researchers said the Flores account was unlikely to be the only one used by the hackers.
This month, Proofpoint also exposed an Iranian group masquerading as a British-based academic during a cyber espionage campaign and compromised a website belonging to the School of Oriental and African Studies, University of London.
The Tortoiseshell hackers are among the most resourceful Iran-linked groups operating because of their patience and ingenuity, Ms DeGrippo said.
“This campaign demonstrates that even after an individual is targeted by a persona, it can take months or years for TA456 to attempt to deliver malware.
“Malicious actors will often utilise publicly available information about a target to build up a picture of their role, connections, access to information, and vulnerability to attacks. Oversharing on social media is a particularly risky behaviour in sensitive industries, so organisations should ensure employees are properly and frequently trained in security awareness,” she said.
Proofpoint and Facebook concluded the Flores account was bogus.
On July 15, Facebook removed it in a takedown of users suspected Iranian hacker activity.
Facebook said the accounts it removed were linked to a hacking group it identified as Tortoiseshell, which went after military personnel and companies in the defence and aerospace industries primarily in the US, UK and continental Europe.
“This group used various malicious tactics to identify its targets and infect their devices with malware to enable espionage,” Facebook said.
The names of the people and companies who became targets have not been revealed.
Coffee: black death or elixir of life?
It is among the greatest health debates of our time; splashed across newspapers with contradicting headlines - is coffee good for you or not?
Depending on what you read, it is either a cancer-causing, sleep-depriving, stomach ulcer-inducing black death or the secret to long life, cutting the chance of stroke, diabetes and cancer.
The latest research - a study of 8,412 people across the UK who each underwent an MRI heart scan - is intended to put to bed (caffeine allowing) conflicting reports of the pros and cons of consumption.
The study, funded by the British Heart Foundation, contradicted previous findings that it stiffens arteries, putting pressure on the heart and increasing the likelihood of a heart attack or stroke, leading to warnings to cut down.
Numerous studies have recognised the benefits of coffee in cutting oral and esophageal cancer, the risk of a stroke and cirrhosis of the liver.
The benefits are often linked to biologically active compounds including caffeine, flavonoids, lignans, and other polyphenols, which benefit the body. These and othetr coffee compounds regulate genes involved in DNA repair, have anti-inflammatory properties and are associated with lower risk of insulin resistance, which is linked to type-2 diabetes.
But as doctors warn, too much of anything is inadvisable. The British Heart Foundation found the heaviest coffee drinkers in the study were most likely to be men who smoked and drank alcohol regularly.
Excessive amounts of coffee also unsettle the stomach causing or contributing to stomach ulcers. It also stains the teeth over time, hampers absorption of minerals and vitamins like zinc and iron.
It also raises blood pressure, which is largely problematic for people with existing conditions.
So the heaviest drinkers of the black stuff - some in the study had up to 25 cups per day - may want to rein it in.
Rory Reynolds
Indoor cricket in a nutshell
Indoor Cricket World Cup – Sep 16-20, Insportz, Dubai
16 Indoor cricket matches are 16 overs per side
8 There are eight players per team
9 There have been nine Indoor Cricket World Cups for men. Australia have won every one.
5 Five runs are deducted from the score when a wickets falls
4 Batsmen bat in pairs, facing four overs per partnership
Scoring In indoor cricket, runs are scored by way of both physical and bonus runs. Physical runs are scored by both batsmen completing a run from one crease to the other. Bonus runs are scored when the ball hits a net in different zones, but only when at least one physical run is score.
Zones
A Front net, behind the striker and wicketkeeper: 0 runs
B Side nets, between the striker and halfway down the pitch: 1 run
C Side nets between halfway and the bowlers end: 2 runs
D Back net: 4 runs on the bounce, 6 runs on the full
More from Rashmee Roshan Lall
UAE currency: the story behind the money in your pockets
South Africa World Cup squad
South Africa: Faf du Plessis (c), Hashim Amla, Quinton de Kock (w), JP Duminy, Imran Tahir, Aiden Markram, David Miller, Lungi Ngidi, Anrich Nortje, Andile Phehlukwayo, Dwaine Pretorius, Kagiso Rabada, Tabraiz Shamsi, Dale Steyn, Rassie van der Dussen.
What the law says
Micro-retirement is not a recognised concept or employment status under Federal Decree Law No. 33 of 2021 on the Regulation of Labour Relations (as amended) (UAE Labour Law). As such, it reflects a voluntary work-life balance practice, rather than a recognised legal employment category, according to Dilini Loku, senior associate for law firm Gateley Middle East.
“Some companies may offer formal sabbatical policies or career break programmes; however, beyond such arrangements, there is no automatic right or statutory entitlement to extended breaks,” she explains.
“Any leave taken beyond statutory entitlements, such as annual leave, is typically regarded as unpaid leave in accordance with Article 33 of the UAE Labour Law. While employees may legally take unpaid leave, such requests are subject to the employer’s discretion and require approval.”
If an employee resigns to pursue micro-retirement, the employment contract is terminated, and the employer is under no legal obligation to rehire the employee in the future unless specific contractual agreements are in place (such as return-to-work arrangements), which are generally uncommon, Ms Loku adds.
The Settlers
Director: Louis Theroux
Starring: Daniella Weiss, Ari Abramowitz
Rating: 5/5
If you go
The flights
Emirates flies from Dubai to Funchal via Lisbon, with a connecting flight with Air Portugal. Economy class returns cost from Dh3,845 return including taxes.
The trip
The WalkMe app can be downloaded from the usual sources. If you don’t fancy doing the trip yourself, then Explore offers an eight-day levada trails tour from Dh3,050, not including flights.
The hotel
There isn’t another hotel anywhere in Madeira that matches the history and luxury of the Belmond Reid's Palace in Funchal. Doubles from Dh1,400 per night including taxes.
The%20specs%3A%202024%20Mercedes%20E200
%3Cp%3E%3Cstrong%3EEngine%3A%20%3C%2Fstrong%3E2.0-litre%20four-cyl%20turbo%20%2B%20mild%20hybrid%0D%3Cbr%3E%3Cstrong%3EPower%3A%20%3C%2Fstrong%3E204hp%20at%205%2C800rpm%20%2B23hp%20hybrid%20boost%0D%3Cbr%3E%3Cstrong%3ETorque%3A%20%3C%2Fstrong%3E320Nm%20at%201%2C800rpm%20%2B205Nm%20hybrid%20boost%0D%3Cbr%3E%3Cstrong%3ETransmission%3A%20%3C%2Fstrong%3E9-speed%20auto%0D%3Cbr%3E%3Cstrong%3EFuel%20consumption%3A%20%3C%2Fstrong%3E7.3L%2F100km%0D%3Cbr%3E%3Cstrong%3EOn%20sale%3A%20%3C%2Fstrong%3ENovember%2FDecember%0D%3Cbr%3E%3Cstrong%3EPrice%3A%20%3C%2Fstrong%3EFrom%20Dh205%2C000%20(estimate)%3C%2Fp%3E%0A
BUNDESLIGA FIXTURES
(All games 4-3pm kick UAE time) Bayern Munich v Augsburg, Borussia Dortmund v Bayer Leverkusen, Hoffenheim v Hertha Berlin, Wolfsburg v Mainz , Eintracht Frankfurt v Freiburg, Union Berlin v RB Leipzig, Cologne v Schalke , Werder Bremen v Borussia Monchengladbach, Stuttgart v Arminia Bielefeld
Specs
Engine: 51.5kW electric motor
Range: 400km
Power: 134bhp
Torque: 175Nm
Price: From Dh98,800
Available: Now
