State-backed Iranian hackers spread malware through links to fake VPN apps
Published: September 9, 2022


A highly resourceful Iranian state-backed hacker group uses malicious links to VPN apps sent via SMS texts to inject spyware, a cybersecurity firm reports. 

Mandiant found evidence that APT42 (advanced persistent threat) has been conducting such attacks against what they described as "the enemies of the Iranian state" since 2015, with the goal of harvesting sensitive data and spying on victims. 

They also claim with "moderate confidence" that the group is aligned with the Islamic Revolutionary Guard Corps Intelligence (IRGC-IO), which Washington designates as a terrorist organization. 

The malware is not only spread behind the reputation of some of the best VPN services, though. Well-crafted phishing emails, mischievous webpages, free messaging apps, and adult-only sites have also been employed.

As Mandiant reports: "The use of Android malware to target individuals of interest to the Iranian government provides APT42 with a productive method of obtaining sensitive information on targets, including movement, contacts, and personal information.

"The group's proven ability to record phone calls, activate the microphone and record the audio, exfiltrate images and take pictures on command, read SMS messages, and track the victim's GPS location in real-time poses a real-world risk to individual victims of this campaign." 

Researchers observed over 30 confirmed operations across 14 countries worldwide so far, spanning its seven years of activity. However, they believe the total number to be much larger than that. 

Western think tanks, researchers, journalists, current Western government officials, former Iranian government officials, dissidents, and the Iranian diaspora abroad have all been among the victims of such attacks. 

APT42's campaigns have two main goals: gathering targets' sensitive data like personal email credentials, multi-factor authentication codes, and private communication records while tracking victims' location data to carry on major surveillance operations.      

The group's cunning playbook relies on gaining the trust of targets, engaging in conversations that can last several weeks before finally sending the phishing email. In one instance, hackers pretended to be journalists working for a famous US media outlet for 37 days before launching the attack.

In the case of mobile malware, APT42 has been successfully targeting internet users who were looking for circumvention tools to bypass strict government restrictions. And, given that over 80% of Iranians use such software to escape online censorship, citizens' safety has seemingly never been so at stake.

The Mandiant report further pointed out how the group - believed to be also linked to the infamous APT35 that last year managed to infiltrate Play Store with fake VPN apps - has been proficient at quickly shaping its strategies and targets to align with Iran's domestic and geopolitical interests.

"We assess with high confidence that APT42 will continue to perform cyber espionage and surveillance operations aligned with evolving Iranian operational intelligence collection requirements."

My Take: This is just what Iran does, as well as all those countries. We need to fight back. 

SOURCE: techradar.com

