It is believed that photos Iraninan hackers used belong to an actual Romanian woman they stole from social media.
A phish called Mia: How Iran used a fake profile to lure Mideast victims
Mia Ash is supposed to be a 30-year-old woman with a successful career as a photographer in London and has as many as 500 friends on Facebook, LinkedIn and Instagram. Most of them are reportedly men from the Middle Eastern who shower her photos with likes and comments.
But Mia Ash is not real.
Last February, SecureWorks (an Information Security Solutions company) helped a Middle Eastern company with an attempted spyware infection which they assessed was initiated by COBALT GYPSY (formerly known as TG-2889), a threat group associated with Iranian government-directed cyber operations.
A phish called Mia
“SecureWorks CTU researchers assess it highly likely that the Mia Ash persona is a fake identity used to perform reconnaissance on and establish relationships with employees of targeted organizations,” a report from their website read.
The scam using Mia Ash targeted mid-level staff at Middle Eastern telecommunication, technology, aerospace and oil and gas companies with access to sensitive parts of their company’s IT operations.
It is believed that photos Iraninan hackers used belong to an actual Romanian woman they stole from social media.
A phish called Mia
Also Read
Editor's Choice
-
US-led effort to boost Lebanon’s army emerges as key pillar of Hezbollah disarmament Middle East 4 days ago -
US, Iran send mixed signals on potential deal after latest attacks Middle East 28 May ,2026 -
Al Arabiya obtains final draft of preliminary US-Iran memorandum of understanding Middle East 25 May ,2026 -
Saudi position on Palestinian issue remains unchanged: Source Saudi Arabia 25 May ,2026