According to a leading cyber-security company, Iran is targeting dissidents in an effort to install spyware on their PC and mobile devices. More than 1,000 individuals were affected. The spyware was being used to steal call recordings and media files.
One of the groups is known as Domestic Kitten or APT-50, which allegedly tricked people into downloading malicious software onto their mobile devices. The methods they used include:
- using an existing version of an authentic video game on the Google Play store and repackaging it
- Pretending to be an app for a restaurant in Tehran
- Fake mobile-security applications
- Mimicking a wallpaper application containing pro-IS imagery
Approximately 1,200 people were targeted by this campaign across seven different countries, with 600 successful infections. Contrary to Domestic Kitten, the second group, known as either Infy or Prince of Persia, infected work PCs and spied of people in their homes. The group extracted sensitive data after tricking people with phishing emails. The Iranian government has not yet provided a comment.