The group of Iranian hackers the US charged last week with hacking over 300 universities across the globe were actually master phishers astute at their craft, so much so that they used the same phishing lure for years without needing to change it.
This information was not included in the official indictment released last week but published yesterday in a report by PhishLabs, a company that detected and tracked the group, and later shared some of its findings with investigators.
Hackers used the same "library" angle for 4 years
PhishLabs says the Iranian group —known as the Mabna hackers— used the same phishing lure for four years, since at least February 2014.
Besides small spelling error corrections, the message remained the same until late last year, when PhishLabs stumbled over the group's existence
....
....