A new report published Wednesday says suspected Iranian hackers created a network of fake LinkedIn accounts in an apparent attempt to try to entice potential victims, mostly in the Middle East, to cough up sensitive information.
Cybersecurity firm Dell SecureWorks said its researchers identified 25 fake accounts traced to an Iran-based hacker group it dubbed Threat Group-2889.
A few of the accounts were of "leader" figures — their LinkedIn profiles suggested they held important jobs in technology, banking, oil and other industries, and some had more than 500 connections. Others were of "supporters" — profiles created to give endorsements and credibility to the "leaders."
"The level of detail in the profiles suggests that the threat actors invested substantial time and effort into creating and maintaining these personas," the report said. "The photos used in the fake accounts are likely of innocent individuals who have no connection to TG-2889 activity."
LinkedIn did not immediately respond to a request for comment from NBC News. A company spokeswoman told the Wall Street Journal that the fake profiles have all since been removed.
In analyzing the fake profiles, the Dell SecureWorks researchers concluded that hackers were targeting victims across the globe, but particularly in the Middle East. A quarter of the alleged targets work in the telecommunications industry, so the hackers were probably trying to acquire data or gain access to services of those companies, the report said. Other alleged targets work for Middle Eastern governments and for defense organizations based in the Middle East and South Asia.
The report didn't determine whether the hackers were able to squeeze any valuable information from the targets.