Latest Articles

Fake Interview: The New Activity of Charming Kitten

Fake Interview: The New Activity of Charming Kitten

Certfa Lab has identified a new series of phishing attacks from the Charming Kitten, the Iranian hacking group who has a close relationship with Iran’s state and Intelligence services. According to our investigation, these new attacks have targeted journalists, political and human rights activists. These phishing attacks are in line with the previous activities of the group that companies like ClearSky and Microsoft have reported in detail in September and October 2019.

Assessing Security Standards in Iranian State Websites

Assessing Security Standards in Iranian State Websites

Our assessment in CERTFA Lab shows Atomic Energy Organization of Iran (AEOI) is the only website that has applied basic security standards on their website. As a result, more than 60% of the Iranian state websites are not secure and they do not follow the basic standard in terms of implementation of general protocols and configuration for HTTP response.

Assessing Security Standards in Popular Iranian Websites

Assessing Security Standards in Popular Iranian Websites

Our research in CERTFA Lab on popular Iranian websites show that the security of Iranian websites is not different from the global level, and very few websites are fully utilizing the security standards and modern technologies.

Weaponizing of Google Cloud Storage for phishing attacks

Weaponizing of Google Cloud Storage for phishing attacks

Our recent research in Certfa Lab shows that hackers are using Google Cloud Storage (GCS) to host phishing kits and redirect users to harmful pages on other websites.

The Return of The Charming Kitten

The Return of The Charming Kitten

Phishing attacks are the most common form of infiltration used by Iranian state-backed hackers to gain access into accounts. Certfa reviews the latest campaign of phishing attacks that has been carried out and dubbed as “The Return of The Charming Kitten”.

PushIran.DL Malware Family

PushIran.DL Malware Family

In this report, Certfa will discuss a group of malware named PushIran.DL. The malware has in effect created a major advertising botnet that can be distributed and used in various ways to exploit users.