An Israeli cybersecurity firm said Tuesday that Iranian hackers have targeted emails of several current and former senior officials.
Checkpoint said that among those who have been targeted are former politician Tzipi Livni, and an executive from a high-profile Israeli security firm. Israeli security authorities were briefed on the breach.
The hackers used a false identity of a retired IDF general and Israel's former ambassador to Washington in order to approach the officials.
According to Checkpoint, the hacking campaign began in December of 2021, and continued for at least six months, ending last week.
The hackers exploited the information they initially to expand the scale of the breach, stealing personal information of high-level officials in the defense industry, private email correspondence between senior officials, personal details of key personnel in the country's defense establishment, passport photos and other classified documents.
They employed different strategies to obtain information, such as using fictitious links in order to gage passwords and e-mails.
The hackers established dedicated infrastructure to obtain the telephone numbers of their targets and began correspondents to entice them abroad.
The Iranian ploy was uncovered by former Foreign Minister Tzipi Livni, whose suspicion was aroused in December, when she received an e-mail from a former IDF general who urged her to open a file, using her personal password.
When she reached out by phone to the general, he told her he had not sent her the e-mail.
Livni approached by checkpoint, which began the investigation and uncovered the extend of the breach after locating code and an IP address that could be traced back to earlier Iranian hacking operations.
Using false identities, Iranian operatives invited Israeli academics, businessmen, and former military and security officials to participate in events overseas.