Saudi Arabia has shut down half of its oil production after drones attacked the world's largest oil processing facility in the kingdom.Marketsread more
Yemen's Houthi rebels have claimed responsibility for the attacks, which created a huge fire at a processor essential to global energy supplies.Politicsread more
Oil prices are expected to jump as much as $10 per barrel after a coordinated drone strike hit Saudi Arabia's largest oil field, forcing the kingdom to cut its oil output in...Marketsread more
Trusii's hydrogen water machines were supposed to help users with their health problems, but customers claim the company is involved in a giant scam.Technologyread more
The decoupling of the world's two weightiest economies seems as inescapable as its extent and global impact remains incalculable.Politicsread more
The trucking industry is worth hundreds of billions of dollars per year. Uber is going after this market with Uber Freight, an online platform that matches truckers with...Technologyread more
BlackBerry has reinvented itself to become a leader in securing mobile communications and in embedded communications. Next year it plans to roll out new products. CEO John...Evolveread more
Trailers have become a cult phenomenon. Even short teasers that reveal little about the plot of the upcoming film are headline-worthy. Blogs and forums have become devoted...Entertainmentread more
Thanks to the performance of Beyond Meat, investors who focus on venture-backed tech IPOs have done well this year despite some notable disappointments.Technologyread more
Software company Intuit, maker of tax helper TurboTax, is in its eleventh year of stock gains and up 36% this year.Investingread more
CNBC did a deep dive through the most recent Wall Street research to find stocks with upside potential.Marketsread more
Dozens of social media accounts displaying suspicious behavior have been uncovered in a new report that sees pro-Iranian messaging promoted by profiles impersonating real people, as well as journalists and activists who don't seem to exist.
The accounts, which promoted often aggressive messages and hashtags in support of the Iranian government, have also taken on the personas of Republican members of congress and ordinary Americans, according to the latest investigative report from California-based cybersecurity firm FireEye.
The firm describes their findings as a "network of social media accounts" impersonating U.S. political candidates and "leveraging U.S. and Israeli media in support of Iranian interests."
While Iranian influence campaigns carried out from within the country are not new, FireEye's findings dissect yet more individual accounts that have surfaced in various media outlets engaging in "inauthentic behavior … that we assess with low confidence was organized in support of Iranian political interests," the report's authors said.
These profiles were included in a sweep of nearly 3,000 Twitter accounts that were removed by the social media giant, who says they originated in Iran.
Yoel Roth, head of site integrity at Twitter, posted a tweet last week saying that the accounts "employed a range of false personas to target conversations about political and social issues in Iran and globally. Some engaged directly through public replies with politicians, journalists, and others."
FireEye itself stresses the words "low confidence", adding that it has not yet been able to attribute the activity to a geographic location or to Iranian state sponsorship. But the behavior follows patterns that the company investigated last year, illustrated in its August 2018 report that uncovered an extensive network of fake news sites and associated accounts it believes were linked to the Islamic Republic and government cyber actors.
"Narratives promoted by these and other accounts in the network included anti-Saudi, anti-Israeli, and pro-Palestinian themes," the report mentioned. This included support for the 2015 Iran nuclear deal and criticism of the Trump administration's designation of Iran's Islamic Revolutionary Guard Corps (IRGC) as a Foreign Terrorist Organization.
While much of those positions are held by ordinary people, FireEye describes "several limited indicators that the network was operated by Iranian actors." Iran's Foreign Affairs Ministry did not reply to CNBC's request for comment, but the government in Tehran has denied accusations of offensive cyber activity.
Some accounts with American names of individuals claiming to be U.S.-based journalists — one for instance called "@AlexRyanNYC" who falsely claimed to be a Newsday journalist and had appropriated a genuine person's photo — had their under interfaces set to Persian or had posted tweets in Persian years back in their history, the report described. These individuals could not be traced to any other legitimate public profiles or company bios.
Another highlighted account in the FireEye report was a persona called "Mathew Obrien", who also claimed to be a Newsday reporter and had pro-Iranian government 'letters to the editor' published in various local U.S. newspapers in Texas.
The name would appear with slight spelling variations — also spelled Matthew O'Brien and Mathew Obrien — and claimed to be based in several different U.S. cities, while posting tweets in often faulty English, the report claimed. Several of the personas in this network falsely claimed affiliations with U.S. outlets like New York Daily News and the Seattle Times, and would often promote each other's tweets.
Lee Foster, FireEye's senior manager for information operations analysis, says the accounts are still being investigated.
"Some of (the personas) use the same headshot in different forums with different names, some submitted identical letters (to newspapers) but under different names… this leads us to suspect, with low confidence, that they're inauthentic. We do know it's possible that there is some authentic behavior there as well, but collectively, it's all very unusual."
Geographic attribution is hard to attain however, and the clues vary, he says. "You're looking for stronger technical indicators tying it to a geography, to a state, more than simply the behavior."
In previous investigations, FireEye's intelligence analysts have spotted indicators like heavy use of Persian language or Iranian phone numbers used to register accounts. Technical clues, like those found in cases of Russian-led security breaches, include forensic indicators in the malware being used. Persian has also been found in ransomware code targeting systems in different countries including Saudi Arabia, South Korea and the U.S.
Political influence campaigns, lately most associated with Russia but practiced by numerous actors, are on the rise as social media platforms and governments grapple with how to combat them.
Iran has been testing social media, influence campaigns and "temporary disruptive effects, similar to its data deletion attacks against dozens of Saudi governmental and private-sector networks in late 2016 and early 2017," officials from the Office of the Director of National Intelligence (ODNI) told Congress in January.
U.S. social media companies like Facebook and Twitter are increasingly — but tentatively — cooperating with U.S. intelligence on monitoring for misinformation campaigns, ODNI director Dan Coates said at the time, but the debate over the companies' roles in policing and removing online content continues.
—CNBC's Kate Fazzini contributed to this report.