Infosec outfit Check Point says it has uncovered a six-year Iranian cyber-spying campaign directed at expats and dissidents worldwide.
The Iranian crew, nicknamed RampantKitten, used a variety of infostealers to help themselves to targets' files, as well as extracting passwords from management software KeePass and breaking into Telegram Desktop installations.
A malicious Android app posing as a translation app for Farsi speakers in Sweden to pass local driving tests was also deployed to steal data from expats and potential anti-Iranian-regime dissidents.
"The handpicked targets included supporters of Mujahedin-e Khalq and the Azerbaijan National Resistance Organization, two prominent resistance movements that advocate the liberation of Iranian people and minorities within Iran," said Check Point in its research report on RampantKitten.
Lotem Finkelsteen, a threat intelligence manager at Check Point, said in a canned statement: "Instant messaging surveillance, especially on Telegram, is something ..
Support the originator by clicking the read the rest link below.
