Iran Targets Kurds With Spyware

A security firm has discovered that Iran is using spyware to targeted Iranian Kurds and other Iranian citizens in a surveillance operation called ‘Domestic Kitten.’ The security company Check Point has collected evidence that Iran is using the program in coordinated attacks since 2016.

“Recent investigations by Check Point researchers reveal an extensive and targeted attack that has been taking place since 2016 and, until now, has remained under the radar due to the artful deception of its attackers towards their targets,” Check Point said in a statement.

“Through the use of mobile applications, those behind the attack use fake decoy content to entice their victims to download such applications, which are in fact loaded with spyware, to then collect sensitive information about them,” the security firm said.

These targets include Kurdish and Turkish natives and supporters of the Islamic State (IS) group. “Most interesting of all, though, is that all these targets are actually Iranians citizens,” the security firm asserted.

According to Check Point, victims are first lured into downloading applications which is believed to be of interest to them. 
The applications Check Point researchers discovered included an IS branded wallpaper changer, “updates” from the pro-Kurdish ANF news agency, and a fake version of the messaging app, Vidogram.

The malware collects data including contact lists stored on the victim’s mobile device, phone call records, SMS messages, browser history and bookmarks, geo-location of the victim, photos, surrounding voice recordings and more, Check Point stated.

A senior member of one of the main Iranian Kurdish opposition parties confirmed the Iranian state is targeting Kurds online with spyware.

“We have seen an increase in Iranian use of spyware, especially on messaging services like Telegram and Viber. Iran also insert spyware into different files on websites it has dedicated to write about the Kurdish political parties,” Loghman H. Ahmedi, a senior member of the Democratic Party of Iranian Kurdistan’s (PDKI) leadership, told Kurdistan 24.

“People who are curious tend to download and forward these files and in doing so, compromise their mobile phones and computers. We have strict procedures regarding the use of smartphones and urge people not to download files or open messages even if it is from friends or family,” he added.

“But due to the lack of security software, it has been proven hard to completely protect ourselves from this type of espionage,” he said.

Apart from spyware, Iran is also increasing the number of fake social media accounts that write in English, the official said. 

“These accounts tend to be activated every time Iran commits some form of violence against the Kurdish people, or if Iran is put under pressure by the international community, and they often use the same line of arguments that Iranian lobbyists in the US and Europe do,” he said. 

“It seems to be coordinated with the lobbyists, especially with individuals linked to the NIAC [National Iranian American Council] in the US and members of different leftist organizations in Europe,” he concluded.

The spike in Iranian spy activities could be related to the increasing unrest in Iranian Kurdistan and clashes between Iranian Kurdish opposition groups and the Islamic Revolutionary Guard Corps. Recently, Iran launched seven missiles at the headquarters of parties in opposition to the Islamic Regime, killing 15 and injuring 42. Moreover, Iran has also recently executed six Kurdish political prisoners.

Kurdistan24

You Might Also Read:

Iran’s Internal Conflict Plays Out On Social Media:

The Resurgent Cyber Threat From Iran:

 

« A Breakthrough In Video Analytics
Keeping Young People Off The Dark Web »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Leonardo

Leonardo

Leonardo (formerly Finmeccanica) is a global high-tech company in Aerospace, Defence, Security & Information Systems including Cybersecurity & ICT solutions.

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security is a leading manufacturer of network security appliances for use in industrial environments.

Opscura

Opscura

Opscura (formerly Enigmedia) brings the reliable and cautious hands of operations together with the analytical minds of cyber experts and cryptography researchers.

IS Decisions

IS Decisions

IS Decisions builds affordable and easy-to-use Access Management software solutions, allowing IT teams to effectively secure access to Active Directory infrastructures, SaaS apps and data within.

inBay Technologies

inBay Technologies

inBay Technologies' idQ Trust as a Service (TaaS) is a unique and innovative SaaS that eliminates the need for user names and passwords.

Garner Products

Garner Products

Garner design, manufacture, and sell equipment that delivers complete, permanent, and verifiable data elimination.

Deepwatch

Deepwatch

deepwatch’s cloud SecOps platform and relentless customer focus are redefining the managed security services industry.

Onfido

Onfido

Onfido is building the new identity standard for the internet. We digitally prove people’s real identities using a photo ID and facial biometrics.

Saepio Solutions

Saepio Solutions

Saepio promote an all-encompassing approach to cybersecurity, ensuring the appropriate balance of budget and resource across Policy, Product and People.

Redhorse

Redhorse

Redhorse provides top-tier consulting to help clients address mission-critical government problems in National Security, Networking Technology, Energy and the Environment.

Saporo

Saporo

Saporo helps organizations increase their cyber-resistance. Continuously map your attack surface and get the recommendations you need to make your organization more resistant to attacks.

Atlantic Data Security

Atlantic Data Security

Atlantic Data Security is skilled in the analysis, recommendation, deployment, and management of all critical components of the security infrastructure.

Secrutiny

Secrutiny

Scrutiny's core services include Cyber Maturity, Cyber Risk Analyser, Cyber Controls, Incident Response, SOC, Cyber Recovery and Assurance Testing.

KATIM

KATIM

KATIM is a leader in the development of innovative secure communication products and solutions for governments and businesses.

Unisys

Unisys

Unisys is a global information technology company providing industry-focused solutions integrated with leading-edge security to clients in the government, financial services and commercial markets.

KingsGuard Solutions

KingsGuard Solutions

KingsGuard Solutions is a San Diego Cybersecurity company that specializes in complex and innovative security solutions for companies throughout Southern California.