Iranian hackers have reportedly entered networks at British universities to steal academic research documents which are now for sale on WhatsApp.
The Telegraph reported that some of the papers covered topics including nuclear development and computer encryption.
The documents are being sold on Farsi language websites in addition to the WhatsApp messaging app. The price of papers vary but they start at £2.
The intellectual property theft was initially reported last month by Secureworks researchers who discovered a URL spoofing a login page for a university, tricking people into giving them their usernames and passwords: the tip of what turned out to be a credential-stealing iceberg.
According to Sophos, 16 domains were uncovered containing over 300 spoofed websites and login pages for a global campaign targeting 76 universities located in 14 countries, including Australia, Canada, China, Israel, Japan, Switzerland, Turkey, the UK, and the US.
Secureworks tied the campaign to the Iranian government.
“In February, the US indicted nine Iranian nationals for alleged computer intrusion, wire fraud, and aggravated identity theft. The indictment alleged that the men were involved in a scheme to obtain unauthorized access to computer systems, steal proprietary data from those systems, and sell the stolen data to Iranian customers, including the Iranian government and Iranian universities.”
Dave Palmer, a former MI5 and GCHQ officer, told The Telegraph:
“Universities should be worrying about it.”