Microsoft says it has discovered cyber attacks by an Iranian intelligence group

October 29, 2020


Microsoft said Thursday that it has discovered and tried to stop a series of cyber attacks driven by actors linked to “Iran.”

“The attacks targeted more than 100 prominent figures who are scheduled to participate in the Munich Security Conference and the T20 Think Tank Summit in Saudi Arabia,” Microsoft said.


Microsoft revealed in a statement,that the group is a group called Phosforas,and that it is linked to Iran.


The software giant said it believes phosforas is carrying out these attacks for the purposes of gathering intelligence.

The Munich Security Conference is the most important gathering on the subject of security for heads of state and world leaders, held annually for nearly 60 years.

Similarly, the T20 Summit is an event that formulates the policy ideas of the G-20 countries and guides their crucial discussions.

Microsoft stressed that

“Based on the current analysis, we do not believe that this activity is related to the American elections in any way.”

How did the attackers trick them?

The attackers sent the dignitaries expected to attend the conference false invitations via e-mail, using standard English.

The figures to which the fake invitations were sent include former government officials, policy experts, academics and NGO leaders.

Vesforas’s target from that?

Microsoft has confirmed that it believes Vesforas is involved in collecting this information for intelligence purposes. Microsoft noted that these attacks have succeeded in hurting many victims, including former ambassadors and other senior policy experts who help shape their countries’ global agendas and foreign policies