Feb 10, 2021 - Technology

Iranian spying operation targets dissidents

Illustration of an extra long arm holding a magnifying glass over a lone computer.

Illustration: Aïda Amer/Axios

An Iranian cyber spying group nicknamed Domestic Kitten has “targeted over 1,200 individuals with more than 600 successful infections” since 2017, according to new research by Check Point, an Israeli-U.S. security firm.

Why it matters: Repressive regimes around the world, including Iran, devote significant resources to targeting individuals and organizations they view as potential challengers to their rule or internal stability. Revelations about campaigns like these can help show who precisely these regimes believe are their greatest threats.

Details: The campaign, while mostly compromising individuals within Iran, has been global in scope, with victims in the U.S., U.K., Pakistan, Afghanistan, Turkey and other countries, says Check Point.

  • The Iranian cyber operators tricked victims into following links to install “a malicious application” using “multiple vectors, including an Iranian blog site, Telegram channels, and even by SMS,” reports Check Point.
  • In addition to focusing on Iranian dissidents at home and abroad, Domestic Kitten also targeted ISIS supporters and members of Iran’s Kurdish minority, among other groups.

Go deeper: In an earlier investigation into Domestic Kitten, Check Point described how the group created a fake “updated” version of an app from a real Kurdish news service to infect victims’ devices. It also created a fake pro-ISIS app that allowed users to select pictures to use as their wallpaper for electronic devices.

Go deeper