Home > Cyber News > 200 Facebook Accounts Run by Iranian Hackers Suspended

200 Facebook Accounts Run by Iranian Hackers Suspended

200 Facebook Accounts Run Iranian Hackers Suspended SensorsTechForum

The latest news shared by one of the social media giants – Facebook, states that the company had suspended the accounts of 200 Iranian hackers who had been running a cyber-spying operation against people working for the U.S. military and defense and aerospace companies’ employees.

The group named “Tortoiseshell” by security experts used fake online personalities as a way to connect with targets. They implemented vicious strategies to build trust and then prompted targets to visit malicious links that infect machines with spying malware.

Multiple Social Media Platforms Part of the Operation

To appear more credible, hackers pretended to be recruiters or representatives from credible aerospace and defense companies. They further made fictitious profiles across multiple social media platforms including LinkedIn and Twitter. Twitter said it was “actively investigating” the information in Facebook’s report while LinkedIn reported the removal of a number of accounts.

The malware was also distributed via malicious Microsoft Excel spreadsheets and phishing campaigns on Gmail. The workplace messaging app Slack informed that it had taken actions to take down hackers’ accounts that were misused for social engineering and other vicious activities that violated its services.

An Operation in Action Since Mid of 2020

A whole set of technologies was reported to be used by the Iran hacking group “Tortoiseshell” including fake recruiting websites for defense companies, and a whole online infrastructure masqueraded as a legitimate job platform for the US Department of Labor. In addition,

The campaign appeared to show an expansion of the group’s activity, which had previously been reported to concentrate mostly on the I.T. and other industries in the Middle East, Facebook said


Facebook said the hackers mostly targeted people in the United States, but victims were found in the United Kingdom and Europe as well. The vast cyber-spying campaign had been running since mid-2020.

This is not the first time when the social media giant Facebook is abused by cyber criminals. Lately, we have reported another case where the phone numbers of millions of Facebook users were scraped from people’s profiles by malicious actors.

In conclusion to the current case, Facebook said it had blocked the malicious domains that were shared by hackers and Google informed it had added the domains to its “blocklist.”

Gergana Ivanova

Highly motivated writer with 5+ years of experience writing for ransomware, malware, adware, PUPs, and other cybersecurity-related issues. As a writer, I strive to create content that is based on thorough technical research. I find joy in the process of creating articles that are easy to understand, informative, and useful. Follow me on Twitter (@IRGergana) for the latest in the field of computer, mobile, and online security.

More Posts

Follow Me:
Google Plus

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree