Academic Research Hack, That Cost Universities Across The Country over $3 Billion Dollars, Thwarted By South Carolina Startup
Thousands of researchers, professors and students spread out across 300 of the country’s largest research institutions, fell victim to an elaborate phishing scheme. The scheme, originated in Iran and was ultimately discovered and thwarted by a South Carolina cyber security startup called PhishLabs.
These Iranian hackers had created websites designed to look like the actual websites of major colleges and universities across the country. From there they started to send out fishing emails to professors, students and researchers specifically asking that they re-apply for research library credentials.
Thousands of unsuspecting victims turned their research credentials over to these Iranian hackers. The hackers were able to create a stockpile of research on a wide range of topics. Some of the research was sold on the black market and some of it was given to the Iranian government.
Crane Hassold the director of threat intelligence at PhishLabs discovered the hack when doing research on academic and university cyber security. After finding the first few fake sites he was able to find even more. He was also able to track down who was responsible for this fishing scheme, and realized it was research institutions that this particular group of hackers was after.
“The phishing pages were all targeted specifically toward the libraries of the universities, so it was very unique and something I’d never seen before,” Hassold said. “If you looked at the list of universities, it’s certainly not like they were selected at random. They were selected for a reason.”
The Post & Courier reports that the phishing campaign could have been going on for over five years when Hassold and the PhishLabs team discovered it. He turned the information over to the FBI but wasn’t sure if a formal investigation was already underway.
The Justice Department attributed the phishing campaign to an organization called Mabna Institute, which had been created specifically for this attack. The attacks were believed to been at the behest of Iran’s Revolutionary Guard.
Phishing attacks are at the core of PhishLabs business. The South Carolina startup has raised $11 million to date. Check them out here.