Iran-linked APT42, also known as Educated Manticore, targets Israeli journalists, cybersecurity experts, and academics with phishing attacks in which it impersonates security professionals.
APT42 focuses on highly targeted spear-phishing using techniques such as credential harvesting, surveillance operations, and malware deployment.
The threat actors created fake Gmail login pages and Google Meet invitations to steal email credentials and 2FA codes from victims, gaining unauthorized access to their accounts.
The group used custom phishing kits mimicking Gmail, Outlook, and Yahoo, employing live keyloggers and WebSocket connections to control the stolen data.