TA453 Phishing Campaign Targets UK Government and Academia
- Actor Motivations: Espionage,Exfiltration
- Attack Vectors: Spear Phishing
- Attack Complexity: Medium
- Threat Risk: Low Impact/High Probability
Threat Overview
TA453, also known as Charming Kitten, has targeted sectors such as academia, defence, government, NGOs, think tanks and journalists in the UK and other regions of interest. The group uses spear phishing attacks, using open source reconnaissance to create tailored phishing emails. These emails are often sent from fake social media profiles or compromised email accounts. Once a relationship has been established, TA453 directs victims to malicious links or documents and steals credentials upon interaction. The group also exploits compromised email accounts to steal sensitive data, set up mail forwarding rules and facilitate further surveillance and future attacks.
Detected Targets
| Type | Description | Confidence |
|---|---|---|
| Sector | Defense | High |
| Sector | Government Agencies and Services | High |
| Sector | Journalists | High |
| Sector | Political | High |
| Sector | Researchers | High |
| Region | United Kingdom | Verified |