The Mabna Institute, also known as the threat actor “Silent Librarian” (Phishlabs), is a group of nine Iranian citizens that have been charged in a computer hacking campaign. The campaign compromised various targets, such as US and foreign universities, private companies, and US government entities. Several specific targets were identified by PhishLabs and the FBI, and they include the US Department of Labor, the Federal Energy Regulatory Commission, the Los Alamos National Laboratory, and the Memorial Sloan Kettering Cancer Center. According to the FBI, the campaign has been ongoing for about four years and has compromised 144 US based universities and 176 foreign universities. According to Phishlabs, the tactics of the phishing campaigns used to compromise these entities barely changed over time. Targeted users were sent emails stating their library account was expiring. The users were then directed to a link which was a redirect to a phishing page requesting a username and password.
Proficio Threat Intelligence Recommendations:
- User phishing training usually helps mitigate risk against users falling for basic types of phishing campaigns.
Phislabs technical analysis of the campaign – Click Here
FBI release on individuals wanted – Click Here