Israel’s National Cyber Directorate has thwarted a sophisticated Iranian cyberattack that posed as an official mental health support service for veterans and reservists suffering from post-traumatic stress disorder (PTSD).
The fake site was designed to mimic legitimate resources for soldiers in crisis. In reality, it sought to harvest sensitive personal data and secretly install malware on visitors’ devices. Cyber officials said forensic analysis pointed to a well-known Iranian hacker cell, consistent with tactics previously used in Tehran’s state-directed campaigns.
Thanks to advanced monitoring tools, the malicious site was identified and taken offline before it spread widely or inflicted damage.
“This is proactive work on our part, and it underscores the importance of constant vigilance against efforts to exploit the public, especially at moments of emotional vulnerability,” said Dana Toren, head of operations at the directorate.
Officials warned the incident may have been only one component of a broader Iranian campaign, urging the public to brace for follow-up attempts that could involve new domains, messaging platforms, or emotionally targeted appeals.
Iranian-linked groups — including the notorious Charming Kitten (APT35) — have repeatedly run phishing schemes, fake social media profiles and malicious apps in order to steal data and infiltrate sensitive systems. Israeli analysts say these efforts reflect Tehran’s wider strategy: exploiting human weakness and emotional triggers alongside technical operations.
The Cyber Directorate urged citizens not to click on unverified links, avoid sharing personal data with unknown entities, and rely only on recognized organizations such as NATAL, the Defense Ministry, or the One Soul program for mental health support. Suspicious online activity should be reported immediately to the directorate’s 119 hotline.
(YWN World Headquarters – NYC)