Iran Targets Kurds With Spyware

A security firm has discovered that Iran is using spyware to targeted Iranian Kurds and other Iranian citizens in a surveillance operation called ‘Domestic Kitten.’ The security company Check Point has collected evidence that Iran is using the program in coordinated attacks since 2016.

“Recent investigations by Check Point researchers reveal an extensive and targeted attack that has been taking place since 2016 and, until now, has remained under the radar due to the artful deception of its attackers towards their targets,” Check Point said in a statement.

“Through the use of mobile applications, those behind the attack use fake decoy content to entice their victims to download such applications, which are in fact loaded with spyware, to then collect sensitive information about them,” the security firm said.

These targets include Kurdish and Turkish natives and supporters of the Islamic State (IS) group. “Most interesting of all, though, is that all these targets are actually Iranians citizens,” the security firm asserted.

According to Check Point, victims are first lured into downloading applications which is believed to be of interest to them. 
The applications Check Point researchers discovered included an IS branded wallpaper changer, “updates” from the pro-Kurdish ANF news agency, and a fake version of the messaging app, Vidogram.

The malware collects data including contact lists stored on the victim’s mobile device, phone call records, SMS messages, browser history and bookmarks, geo-location of the victim, photos, surrounding voice recordings and more, Check Point stated.

A senior member of one of the main Iranian Kurdish opposition parties confirmed the Iranian state is targeting Kurds online with spyware.

“We have seen an increase in Iranian use of spyware, especially on messaging services like Telegram and Viber. Iran also insert spyware into different files on websites it has dedicated to write about the Kurdish political parties,” Loghman H. Ahmedi, a senior member of the Democratic Party of Iranian Kurdistan’s (PDKI) leadership, told Kurdistan 24.

“People who are curious tend to download and forward these files and in doing so, compromise their mobile phones and computers. We have strict procedures regarding the use of smartphones and urge people not to download files or open messages even if it is from friends or family,” he added.

“But due to the lack of security software, it has been proven hard to completely protect ourselves from this type of espionage,” he said.

Apart from spyware, Iran is also increasing the number of fake social media accounts that write in English, the official said. 

“These accounts tend to be activated every time Iran commits some form of violence against the Kurdish people, or if Iran is put under pressure by the international community, and they often use the same line of arguments that Iranian lobbyists in the US and Europe do,” he said. 

“It seems to be coordinated with the lobbyists, especially with individuals linked to the NIAC [National Iranian American Council] in the US and members of different leftist organizations in Europe,” he concluded.

The spike in Iranian spy activities could be related to the increasing unrest in Iranian Kurdistan and clashes between Iranian Kurdish opposition groups and the Islamic Revolutionary Guard Corps. Recently, Iran launched seven missiles at the headquarters of parties in opposition to the Islamic Regime, killing 15 and injuring 42. Moreover, Iran has also recently executed six Kurdish political prisoners.

Kurdistan24

You Might Also Read:

Iran’s Internal Conflict Plays Out On Social Media:

The Resurgent Cyber Threat From Iran:

 

« A Breakthrough In Video Analytics
Keeping Young People Off The Dark Web »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ACME Communications

ACME Communications

ACME Communications specialises in the field of data centre, implementation, maintenance & operation and all aspects of other IT service.

MIIS Cyber Initiative

MIIS Cyber Initiative

The Cyber Initiative's mission is to assess the impact of the information age on security, peace and communications.

GigaOm

GigaOm

GigaOm's mission is to provide enterprises with information and analysis to help them make better decisions about technology.

Continuum

Continuum

Continuum is the IT management platform company that allows Managed IT Services Providers to maintain and back up on-premise and cloud-based servers, desktops, mobile devices and other endpoints

Ezenta

Ezenta

Ezenta is a Danish IT security consulting firm.

TechCERT

TechCERT

TechCERT is Sri Lanka’s first and largest Computer Emergency Readiness Team (CERT).

ISEC7 Group

ISEC7 Group

ISEC7 Group is a global provider of mobile business services and software solutions. The company was one of the first movers in mobilising company and business processes.

Department of Justice - Computer Crime and Intellectual Property Section (CCIPS)

Department of Justice - Computer Crime and Intellectual Property Section (CCIPS)

The Computer Crime and Intellectual Property Section (CCIPS) is responsible for implementing the Department's national strategies in combating computer and intellectual property crimes worldwide.

Italtel

Italtel

Italtel is a multinational ICT company that combines networks and communications services with the ability to innovate and develop solutions for digital transformation.

Noetic Cyber

Noetic Cyber

Noetic provides a proactive approach to cyber asset and controls management, empowering security teams to see, understand, and optimize their cybersecurity posture.

Aikido Technology Services

Aikido Technology Services

Aikido Technology Services is a leading-edge technology solutions provider, servicing the Pacific North West USA. We offer affordable IT solutions designed to streamline and secure your business.

CertNexus

CertNexus

CertNexus is a vendor-neutral certification body, providing emerging technology certifications and micro-credentials for business, data, developer, IT, and security professionals.

Omega Systems

Omega Systems

Omega Systems is a leading managed service provider (MSP) and managed security service provider (MSSP) to mid-market organizations.

Spera Security

Spera Security

Spera helps identity security professionals effectively and confidently measure, prioritize and reduce identity risk to better protect the organization from identity-based attacks.

Certcube Labs

Certcube Labs

Certcube Labs provide a broad range of services in the areas of Assessments, Development, Risk Advisory, Blockchain, Forensics Investigations, Managed Security Solutions, and IT Security Trainings.

Token

Token

Token is changing the way our customers secure their organizations by providing passwordless, biometric, multifactor authentication.