-Thread-
#Iran #Teheran #CyberCrime #CyberSecurity #Hacker
According to researchers, attackers from Iran have been carrying out cyber operations for years that bypass the encryption of popular messenger services.
The capabilities of state-backed Iranian hackers have so far been underestimated in the West. That is the conclusion of investigations by the civil rights organization Miaan, which is active in the Middle East, and the IT security company Check Point.
The experts report that attackers from the country have been carrying out large-scale cyber operations unnoticed for years, with which they can access supposedly end-to-end encrypted communication via messengers such as WhatsApp and Telegram.
According to their own account, the security researchers first came across a Persian-language document entitled "The regime fears the spread of revolutionary cannons.docx",
which concerns the conflict between the government in Tehran and the militant Iranian opposition movement of the People's Mujahideen, and which was aimed at members of that group.
Another malware-laden file was disguised as a report on the results of an IT security analysis that human rights activists had long been waiting for. "The group carried out a cross-platform, targeted attack with mobile,
desktop and web attack vectors that left no alternative path open for the victims on their target list," Lotem Finkelstein, who is responsible for threat intelligence at Check Point, told the New York Times.
Even messengers believed to be "secure" had little to counter this. Miaan tracked the Iranian attacks back to February 2018, the organization writes in its report.
The starting point was tips from an Iranian human rights center about malicious e-mails that were sent to its members after a violent confrontation between Iranian security forces and a religious Sufi group.
Traces of this and other attacks with the malware, which was in use until June 2020, led the researchers to an IT company in the northeastern city of Mashhad called Andromedaa. According to their findings, the company is behind various cyber attacks on activists,
ethnic minorities and separatist opposition groups. It also developed phishing and malware tools aimed at the general public. One of the applications allowed the hackers to download data stored in WhatsApp.
The main aim was to gather information about the Iranian opposition in Europe and the US, and to spy on people inside Iran who often use mobile apps to plan protests. A British security company recently reported that Iranian hackers have also had success with social engineering.
Sources
Check Point report on the group dubbed "Rampant Kitten": blog.checkpoint.com/2020/09/18/ram…
Statement by Lotem Finkelstein in the New York Times:
nytimes.com/2020/09/18/wor…
Miaan report: miaan.org/publication/sp…
Attack on a British company (German report):
heise.de/meldung/Iranis…
