Iranians Targeted with Advanced Spyware Ahead of War with Israel.
PorAinvest
martes, 22 de julio de 2025, 8:19 am ET1 min de lectura
AAPL--
Miaan Group, a digital human rights organization based in Austin, Texas, and Hamid Kashfi, a Sweden-based cybersecurity researcher, independently discovered the spyware attacks. The attacks were first detected in the first half of 2025, with victims receiving threat notifications from Apple Inc. The notifications described the attacks as "exceptionally rare" and costing "millions of dollars."
The spyware was used to target individuals both inside Iran and abroad. The victims included two Iranian dissidents inside the country and a technology worker who is an Iranian citizen living in Europe. Another cybersecurity researcher, Kashfi, found 12 victims, all inside Iran and working either in the country’s technology sector or for the government.
The spyware used in the attacks is believed to be highly sophisticated, with a level of sophistication comparable to the Pegasus spyware from NSO Group. The attacks were carried out without any interaction from the victims, indicating the use of zero-day zero-click techniques.
The research highlights the growing sophistication of cyber-espionage tools being used by Iranian state actors. The attacks underscore the potential risks posed by advanced persistent threat (APT) groups, which are increasingly targeting mobile devices for intelligence gathering.
The latest developments add to a growing body of evidence that Iranian threat actors are investing in custom-built mobile malware frameworks for intelligence gathering. According to Lookout Inc., a mobile security firm, the Iranian state-aligned cyberespionage group MuddyWater has further developed its Android surveillanceware known as DCHSpy. The group has been linked to the Iranian Ministry of Intelligence and Security.
The attacks come amid ongoing tensions in the Middle East and highlight the need for robust cybersecurity measures. As the conflict between Iran and Israel continues, the risk of further cyberattacks is likely to remain high.
References:
[1] https://www.bloomberg.com/news/articles/2025-07-22/iranians-targeted-with-spyware-in-lead-up-to-war-with-israel
[2] https://siliconangle.com/2025/07/21/iranian-hackers-expand-android-spyware-campaign-amid-middle-east-tensions/
Iranians were targeted with highly advanced spyware in the lead-up to the country's war with Israel, with over a dozen mobile phones compromised. The attacks, which exploited hidden vulnerabilities, were likely carried out by "zero-day zero-click" attacks. Victims included Iranian dissidents, technology workers, and government officials. It's unclear who was behind the attacks.
In the lead-up to the recent conflict between Iran and Israel, over a dozen Iranian mobile phones were targeted with highly advanced spyware, according to new research. The attacks, which exploited hidden vulnerabilities, were likely carried out using "zero-day zero-click" techniques. The victims included Iranian dissidents, technology workers, and government officials. The identities of the attackers remain unclear.Miaan Group, a digital human rights organization based in Austin, Texas, and Hamid Kashfi, a Sweden-based cybersecurity researcher, independently discovered the spyware attacks. The attacks were first detected in the first half of 2025, with victims receiving threat notifications from Apple Inc. The notifications described the attacks as "exceptionally rare" and costing "millions of dollars."
The spyware was used to target individuals both inside Iran and abroad. The victims included two Iranian dissidents inside the country and a technology worker who is an Iranian citizen living in Europe. Another cybersecurity researcher, Kashfi, found 12 victims, all inside Iran and working either in the country’s technology sector or for the government.
The spyware used in the attacks is believed to be highly sophisticated, with a level of sophistication comparable to the Pegasus spyware from NSO Group. The attacks were carried out without any interaction from the victims, indicating the use of zero-day zero-click techniques.
The research highlights the growing sophistication of cyber-espionage tools being used by Iranian state actors. The attacks underscore the potential risks posed by advanced persistent threat (APT) groups, which are increasingly targeting mobile devices for intelligence gathering.
The latest developments add to a growing body of evidence that Iranian threat actors are investing in custom-built mobile malware frameworks for intelligence gathering. According to Lookout Inc., a mobile security firm, the Iranian state-aligned cyberespionage group MuddyWater has further developed its Android surveillanceware known as DCHSpy. The group has been linked to the Iranian Ministry of Intelligence and Security.
The attacks come amid ongoing tensions in the Middle East and highlight the need for robust cybersecurity measures. As the conflict between Iran and Israel continues, the risk of further cyberattacks is likely to remain high.
References:
[1] https://www.bloomberg.com/news/articles/2025-07-22/iranians-targeted-with-spyware-in-lead-up-to-war-with-israel
[2] https://siliconangle.com/2025/07/21/iranian-hackers-expand-android-spyware-campaign-amid-middle-east-tensions/
Divulgación editorial y transparencia de la IA: Ainvest News utiliza tecnología avanzada de Modelos de Lenguaje Largo (LLM) para sintetizar y analizar datos de mercado en tiempo real. Para garantizar los más altos estándares de integridad, cada artículo se somete a un riguroso proceso de verificación con participación humana.
Mientras la IA asiste en el procesamiento de datos y la redacción inicial, un miembro editorial profesional de Ainvest revisa, verifica y aprueba de forma independiente todo el contenido para garantizar su precisión y cumplimiento con los estándares editoriales de Ainvest Fintech Inc. Esta supervisión humana está diseñada para mitigar las alucinaciones de la IA y garantizar el contexto financiero.
Advertencia sobre inversiones: Este contenido se proporciona únicamente con fines informativos y no constituye asesoramiento profesional de inversión, legal o financiero. Los mercados conllevan riesgos inherentes. Se recomienda a los usuarios que realicen una investigación independiente o consulten a un asesor financiero certificado antes de tomar cualquier decisión. Ainvest Fintech Inc. se exime de toda responsabilidad por las acciones tomadas con base en esta información. ¿Encontró un error? Reportar un problema
Comentarios
Aún no hay comentarios