Spyware Campaign Targeted Iranian Kurdish Minority, ISIS Supporters

Revealed by information security firm Check Point, the campaign targeted Iranian citizens

Dror Reich 08:5713.09.18

Israel-based cybersecurity company Check Point Software Technologies Ltd. has announced it discovered a spyware campaign directed against Iranian Kurds, as well as Iranian ISIS supporters. Check Point stated that while the identity of the perpetrators behind the attack, ongoing since 2016, "remains unconfirmed," the company believes the campaign is "of Iranian origin," perhaps even directed by government entities.


For daily updates, subscribe to our newsletter by clicking here.


According to Check Point, the perpetrators used fake decoy content—an ISIS themed app and a fake app for existing Kurdish news agency ANF—to trick users into downloading spyware to their mobile phones. Data collected included contact lists stored, phone call records, SMS messages, browser history and bookmarks, geolocation, photos, and voice recordings.




An ISIS militant. Photo: Reuters An ISIS militant. Photo: Reuters



Check Point stated it believes around 240 people have fallen victim to the campaign so far, 97% of which Iranian citizens. Other victims are from Afghanistan, Iraq, and the U.K. The company stresses that the actual number of users who downloaded the apps may be much higher.


Last week, Israeli cybersecurity company ClearSky Cyber Security Ltd. announced it had identified three websites operated by Iranian entities that targeted Israeli users with "distorted" news. Called “Tel Aviv Times” one of the websites, operational since 2013, presented Hebrew-language stories pilfered from Israeli media but changed in critical places to support Iranian agenda.The websites were supported by 14 fake Facebook profiles and 11 fake Twitter accounts.


Last month, Facebook, Twitter, and Google suspended or blocked multiple accounts in a crackdown on fake news connected to both Iranian and Russian players.
Cancel Send
    To all comments