Iranian Spyware Exposed

The hacking gang GhostSec, has got global attention after saying it has hit the FANAP Behnama software, which it has described as the “Iran regime’s very own privacy-invading software.” The group has shared as evidence a portion of the software’s source code, showcasing its distinctive facial recognition functionality that enhances its surveillance effectiveness.

The GhostSec group was formed about 10 years ago with the specific aim of combating Islamist extremism online. It claims to have exposed 20GB of data including face recognition and motion detection systems that are used by the Iranian government to monitor and track its people.

After the outrage following the death of Mahsa Amini, who was in custody in 2022. She was arrested by the morality police of Iran for allegedly failing to wear appropriate religious dress, and there was a mass of protests since her death that have seen hundreds more killed or detained and so the revelations by GhostSec are considered to be on the moment by many Irainians.

GhostSec says it intends to make the data public, “in the interests of the Iranian people, but also in the interests of protecting the privacy of each and every one of us.” There are claims that GhostSec’s actions align with hacktivist principles, they also position themselves as advocates for human rights.

The group has shared as evidence a portion of the software’s source code, showcasing its distinctive facial recognition functionality that enhances its surveillance effectiveness. This attack exposes the Iranian regime’s capacity and willingness to put its citizens under intrusive scrutiny in a fundamental breach of the human right to privacy.

The group itself even said in its statement: “This is not about technology and software, it’s about the privacy of the people, civil liberties, and a balance of power.”

Apparently the group also established a Telegram channel titled “Iran Exposed” through which they intend to share information about the breach and have already shared some compromised data accompanied by explanations of their findings and the rationale behind their actions.

GhostSec is believed to be an offshoot of the wider Anonymous hacktivist group that emerged around 2015, thought to be partly in response to the ISIS terrorist attacks in France the same year.

Since its emergence, it claims to have sabotaged hundreds of portals and social media accounts promoting Islamist extremism. GhostSec’s intention to amplify opposition to the intrusive scrutiny that undermines fundamental human rights in Iran and many other countries.

I-HLS:     Cyber News:     Hackread:     OSINT Team:     Cyberint:     TikTok:     Iran Xposed:     Wikipedia

You Might Also Read: 

A ‘FunnyDream’ From China:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« LockBit Hacked Montreal's Electricity Supplier
CISA's Post-Quantum Cryptography Initiative »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Mission Secure (MSi)

Mission Secure (MSi)

MSi is a specialized provider of next generation cyber defense solutions protecting control systems and critical physical assets in energy, transportation and defense.

totemo

totemo

Totemo offers solutions for the secure exchange of business information.

Communications Authority of Kenya

Communications Authority of Kenya

The Authority is responsible for facilitating the development of the information and communications sectors including; broadcasting, telecommunications, electronic commerce and cybersecurity.

Optra Security

Optra Security

Optra Security specializes in information security with a focus on Application Security.

Norsk Akkreditering

Norsk Akkreditering

Norsk Akkreditering is the national accreditation body for Norway. The directory of members provides details of organisations offering certification services for ISO 27001.

ReconaSense

ReconaSense

ReconaSense helps protect people, assets, buildings and cities with its next-gen access control and converged physical security intelligence platform.

Secure IT Disposals

Secure IT Disposals

Secure IT Disposals specialise in professional Computer Recycling, Computer Disposals, Computer Destruction, Data Erasure and end-of-lifecycle solutions.

OurCrowd

OurCrowd

OurCrowd is a leading equity crowdfunding platform for investing in global startups.

SecureLayer7

SecureLayer7

SecureLayer7 is an international provider of integrated business information security solutions with an innovative approach to IT security.

Syracom

Syracom

syracom is a consultancy firm specialized in development of efficient business processes. With our expertise and IT competence, we develop tailored solutions for customers in various industries.

Profian

Profian

Profian’s hardware-based solutions maintain your data's confidentiality and integrity in use, providing true confidential computing to meet regulatory and audit requirements.

Cyber-Security Council Germany

Cyber-Security Council Germany

The German Cyber Security Council's objective is to consult businesses, government agencies and political decision-makers and to support them against cybercrime.

Cyber Octet

Cyber Octet

Cyber Octet is an IT Solution, Security, Training and Services company. We provide training and services from Web Application Security to ISO 27001 implementation.

Technology Innovation Institute (TII)

Technology Innovation Institute (TII)

TII is a UAE-based research center that aims to lead global advances in AI, robotics, quantum computing, cryptography and secure communications and more.

Venticento

Venticento

Venticento is an IT company specialized in consulting and network support and assistance for companies that need to make their business processes more effective.

Deepware

Deepware

Deepware is an emerging AI research company dedicated to exploring the potential of GenAI in both generation and detection.