Iranian hackers spent 18 months masquerading as an aerobics instructor in a cyber-espionage campaign designed to infect employees and contractors working in defence and aerospace with malware in order to steal usernames, passwords and other information which could be exploited.
Active since at least 2019, the campaign used Facebook, Instagram and emails to pose as the fake persona “Marcella Flores”. The attackers could spend months building up a rapport with targets via messages and emails before distributing malware after the trust was gained.