UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware

  • 2025-10-17 08:00:00
  • The Hacker News

Browsing LinkedIn and agreeing to potential job interviews currently poses a tangible risk; the well-known platform has recently been the target of a series of hacker attacks carried out through the normal process required for hiring a new employee.

According to reports, an Iranian hacker group known as UNC1549 is believed to be behind a recent cyber espionage campaign targeting European telecommunications companies. According to investigations by Swiss cybersecurity company PRODAFT, the group in question may be affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC).

The number of infiltrations carried out on other people's devices amounts to approximately 34, while the number of companies that have fallen victim to the aforementioned plan is around 11. The group's modus operandi involves members posing as human resources representatives interested in interviewing potential candidates, then implementing malware designed to communicate with the original command and control infrastructure within emails and phishing sites.