
Twin cyber operations conducted by state-sponsored Iranian threat actors demonstrate their continued focus on compiling detailed dossiers on Iranian citizens who could threaten the stability of the Islamic Republic, including dissidents, opposition forces, ISIS supporters, and Kurdish natives.

Tracing the extensive espionage operations to two advanced Iranian cyber-groups, Domestic Kitten (or APT-C-50) and Infy, cybersecurity firm Check Point revealed new and recent evidence of their ongoing activities, which involve the use of a revamped malware toolset as well as tricking unwitting users into downloading malicious software under the guise of popular apps.

“Both groups have conducted long-running cyberattacks and intrusive surveillance campaigns which target both individuals’ mobile devices and personal computers,” Check Point researchers said in a new analysis. “The operators of these campaigns are clearly active, responsive and constantly seeking new attack vectors and techniques to ensure the longevity of their operations.”

Despite overlaps in the victims and the kind of information amassed, the two threat actors are considered to be operating independently of one another. But the “synergistic effect” created by using two different sets of attack vectors to strike the same targets cannot be overlooked, the researchers said.
