Targeting of over sixty universities in multiple countries, including the United States and United Kingdom

Date of report

September 2019

Affiliations

Believed to be the work of Cobalt Dickens.

A threat actor launched a phishing operation with spoofed login pages to steal the credentials of users at over sixty universities in the United States, United Kingdom, and elsewhere.

Suspected victims

United States
Canada

United Kingdom
Hong Kong

Australia
Switzerland

Suspected state sponsor

Iran (Islamic Republic of)

Type of incident

Espionage

Target category

Civil society
Private sector

COBALT DICKENS Goes Back to School…Again
‘Cobalt Dickens’ group is phishing universities at scale again, researchers say

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events