Hacking threats and cyberattacks
5 ways us can stop hackers orig nws_00010722.jpg
Now playing
01:37
5 ways the US can stop hackers
Now playing
04:21
5 ways the U.S. can stop hackers
russia DNC hacking RON 2_00000808.jpg
Now playing
02:30
US blames Russia for power grid cyberattacks
Photo of North Korean leader Kim Jong Un taken from the front page of the state paper Rodong Sinmun on Friday September 22.
Now playing
02:28
US blames North Korea for cyberattack
The Kremlin wall and towers dominate the skyline at the Red Square in Moscow, on March 2, 2012. Russia on March 4 votes in presidential elections expected to send Vladimir Putin back to the Kremlin after his four year stint as prime minister.  AFP PHOTO / SERGEI SUPINSKY        (Photo credit should read SERGEI SUPINSKY/AFP/Getty Images)
Now playing
03:34
NYT: US spies paid Russian who promised cyberweapons, Trump intel
BERLIN, GERMANY - DECEMBER 28: A participant sits with a laptop computer as he attends the annual Chaos Communication Congress of the Chaos Computer Club at the Berlin Congress Center on December 28, 2010 in Berlin, Germany. The Chaos Computer Club is Europe's biggest network of computer hackers and its annual congress draws up to 3,000 participants. (Photo by Sean Gallup/Getty Images)
Now playing
01:47
NYT: NSA hack bigger than Snowden
Now playing
03:15
Homeland Security Chief: Hackers targeting voting systems
Now playing
02:17
Source ties Russia to Wikileaks emails
Now playing
02:21
Putin ally warns of 'war' if US elects Hillary Clinton
Now playing
02:30
Hackers playing US for entertainment?
Russian President Vladimir Putin visits a polling station during parliamentary elections in Moscow on September 18, 2016. / AFP / POOL / GRIGORY DUKOR        (Photo credit should read GRIGORY DUKOR/AFP/Getty Images)
Now playing
02:15
How Russian hackers could influence the election
A man walks to use a voting booth March 1, 2016, at one of the Virginia primary election polling stations at Colin Powell Elementary School, in Centreville, Virginia.
Voters in a dozen states will take part in "Super Tuesday" -- a series of primaries and caucuses in states ranging from Alaska to Virginia, with Virginia the first to open its polling stations at 6:00 am (1100 GMT).  / AFP / PAUL J. RICHARDS        (Photo credit should read PAUL J. RICHARDS/AFP/Getty Images)
Now playing
01:52
US officially blames Russia for political hacks
FBI Director James Comey (R) speaks as Assistant Attorney General for National Security John Carlin (L) listens during a news conference for announcing a law enforcement action March 24, 2016 in Washington, DC.
Now playing
04:31
Assistant attorney general to hackers: We'll find you
Hillary Clinton and Donald Trump shake hands following the first presidential debate moderated by NBC host Lester Holt(bottom L) at Hofstra University in Hempstead, New York on September 26, 2016.
Now playing
01:27
Fact check: Was Russia behind the DNC cyberattacks?
WESTBURY, NY - SEPTEMBER 26:  Democratic presidential nominee Hillary Clinton speaks during a debate-watch party at The Space at Westbury on September 26, 2016 in Westbury, New York. Tonight was the first of four debates for the 2016 election - three presidential and one vice presidential.  (Photo by Justin Sullivan/Getty Images)
Now playing
01:50
Clinton's Wall Street speeches leaked?

Story highlights

Researchers said the cyberspies were posing mainly as recruiters from major international companies

More than 200 legitimate LinkedIn users had connected with the 25 fake accounts that researchers analyzed

Washington CNN —  

A group of suspected Iranian hackers are using a sophisticated network of fake LinkedIn profiles to spy on unsuspecting targets worldwide – including the U.S. – according to a new report.

The fake personas fell into two groups: one set that were fully developed profiles posing as recruiters for major worldwide government contractors and international corporations, and another set that were less developed and designed to lend legitimacy to the primary accounts through endorsements and connections.

The report from computer company Dell’s Secure Works unit identified the group behind the profiles as “TG 2889,” and researchers said there was strong circumstantial evidence pointing to the group operating out of Iran. The hackers employed a number of companies matched to computer domains used in attacks that had previously been attributed to cyberattackers from Iran, and the spread of targets in the Middle East, Arab states, North Africa and the U.S. would be consistent with an Iranian source.

Researchers said the cyberspies were posing mainly as recruiters from major international companies including Northrop Grumman, General Motors, Teledyne Technologies, Doosan and Airbus.

RELATED: Official: Iran hacked U.S. casino

The crew seemed to be having success – more than 200 legitimate LinkedIn users had connected with the 25 fake accounts that researchers analyzed. The majority of the targets were from Saudi Arabia, Qatar, United Arab Emirates and Pakistan, but 12 were from the U.S.

Many of the targets worked in the telecom sector, government and defense.

The fake profiles allow hackers to spy by helping them engage in “social engineering” – researching targets based on information on the Internet and social media to build a tailored phishing attack. Once the cyberspies establish a connection with the targets, they can send them malicious software hidden in links and attachments to emails that can compromise their computer, giving the hackers access to highly sensitive information.

The previously described Iranian group, for example, used malicious software hidden in what looked like a resume application to go after its targets.

Iran is considered one of the top concerns for the U.S. in cyberspace along with China, Russia and North Korea. Despite successful talks to reach a nuclear deal with Iran, cyberattacks have remained a concern – with Director of National Intelligence James Clapper revealing this year that Iran had hacked a major Las Vegas casino.

Dell researchers recommended LinkedIn users only engage with profiles they know to be authentic and suggested companies do a better job of ensuring that profiles of individuals claiming to work for them are real.