A new investigation of two known threat groups show cyber actors are spying on mobile devices and PCs belonging to targeted users around the world.
The Iranian government is continuing to actively spy on the mobile phones and PCs of dissidents and other individuals thought to be of interest to the regime, a new Check Point Research investigation of two Iran-based cyber-threat groups has revealed.
One of the groups, called Infy, has been operating since at least 2007 and has been associated with attacks targeting Persian-language media, diplomatic targets, and Iranian dissidents in multiple countries, including the United States, Canada, and Germany.
Infy’s modus operandi has been to install surveillance malware on PCs belonging to targeted individuals and collecting a wide range of information from them, including contact information, sensitive data, voice recordings, and image captures. Infy ceased operations briefly between mid-2016 and mid-2017 after researchers from Palo Alto took down the group’s command-and-control (C2) infrastructure and, with that, its ability to communicate with the victims.
Read the complete article at: Dark Reading