FBI Says Iranian Hackers Are Using Telegram To Steal Data In Malware Attacks


8:18 AM PDT · March 23, 2026

Iranian government hackers are using Telegram as a way to steal data from hacked dissidents, opposition groups, and journalists who oppose the government around the world, according to an FBI alert published on Friday.

In the first stage of the attack, the hackers contact their targets and pretend to be a known contact or tech support; the targets are then tricked into accepting a link to a malicious file masquerading as legitimate apps, such as Telegram and WhatsApp. Once the target installs the malware, the second stage of the attack connects the infected victim with Telegram bots that allow the hackers to remotely command and control the victim’s computer. This allows the hackers to gain remote control of the victims’ devices to steal files, take screenshots, and record Zoom calls, according to the FBI.

Using Telegram as a way to remotely control a victim’s device is a common technique by hackers to hide malicious activity among legitimate network traffic, which makes it harder for cybersecurity defenders and anti-malware products to identify.
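For defenders, one way to surface this kind of bot-based command and control is sketched below as an added example; it is not code from the FBI alert or from this article. It assumes endpoint DNS telemetry that records which process made each lookup, and that ordinary Telegram client apps do not need the Bot API host, so a workstation process resolving it is worth review. The log format, host names, paths and allowlist are constructed for illustration.

```python
import csv
import io

# Telegram's Bot API is served over HTTPS from this host name.
BOT_API_HOST = "api.telegram.org"

# Hypothetical allowlist: process images approved to call the Bot API
# (for example an internal alerting script). Often this set is empty.
ALLOWED_IMAGES = {r"c:\ops\alertbot\notify.exe"}

# Constructed sample of per-process DNS telemetry:
# timestamp, host, process image, queried name
SAMPLE_LOG = r"""2026-03-20T09:14:02Z,WS-014,C:\Program Files\Mozilla Firefox\firefox.exe,web.telegram.org
2026-03-20T09:15:40Z,WS-014,C:\Users\u1\AppData\Local\Temp\TelegramUpdate.exe,api.telegram.org
2026-03-20T09:20:41Z,WS-014,C:\Users\u1\AppData\Local\Temp\TelegramUpdate.exe,API.TELEGRAM.ORG.
2026-03-20T10:02:11Z,OPS-01,C:\ops\alertbot\notify.exe,api.telegram.org
2026-03-20T11:47:29Z,WS-022,C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe,api.telegram.org
"""


def find_bot_api_callers(log_text, allowed=ALLOWED_IMAGES):
    """Return {(host, image): {"first_seen", "last_seen", "count"}} for
    Bot API lookups made by processes that are not on the allowlist."""
    hits = {}
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 4:
            continue  # skip blank or malformed lines
        ts, host, image, query = (field.strip() for field in row)
        # Normalise case and the optional trailing dot of an FQDN.
        if query.rstrip(".").lower() != BOT_API_HOST:
            continue
        if image.lower() in allowed:
            continue
        entry = hits.setdefault(
            (host, image), {"first_seen": ts, "last_seen": ts, "count": 0}
        )
        entry["last_seen"] = ts
        entry["count"] += 1
    return hits


if __name__ == "__main__":
    for (host, image), info in find_bot_api_callers(SAMPLE_LOG).items():
        print(host, image, info["count"], info["first_seen"], info["last_seen"])
```

Repeated lookups from the same process at regular intervals, visible in the first_seen, last_seen and count fields, are a stronger signal than a single query.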

According to the FBI, the hackers responsible for these attacks are allegedly working for Iran’s Ministry of Intelligence and Security (MOIS). The FBI said these attacks are an example of Iranian government hackers’ attempts to push the regime’s “geopolitical agenda.”


In the alert, the FBI mentioned the pro-Iranian and pro-Palestine fake hacktivist group Handala, though it’s not clear if the attacks referenced in the alert were carried out by this group.

Earlier this month, Handala claimed responsibility for an attack on medical tech giant Stryker, which resulted in the wiping of tens of thousands of employee devices.

In an 8-K filing with the U.S. Securities and Exchange Commission on Monday, Stryker said it is still recovering from the hack.


Last week, the U.S. Justice Department accused Handala of being a front for Iran’s government, specifically the MOIS, and of being behind the Stryker hack. At the same time, the FBI took down and seized two websites linked to Handala, and two other sites linked to another Iranian hacktivist group called “Homeland Justice.” In the new FBI alert, the bureau said the two groups are linked and controlled by the MOIS.

The FBI did not respond to a request to provide more information. Telegram also did not respond to a request for comment.

Lorenzo Franceschi-Bicchierai is a Senior Writer at TechCrunch, where he covers hacking, cybersecurity, surveillance, and privacy.

You can contact or verify outreach from Lorenzo by emailing lorenzo@techcrunch.com, via encrypted message at +1 917 257 1382 on Signal, and @lorenzofb on Keybase/Telegram.
