Iran’s RampantKitten spy crew were snooping on expats and dissidents for six years


Infosec outfit Check Point says it has uncovered a six-year Iranian cyber-spying campaign directed at expats and dissidents worldwide.

The Iranian crew, nicknamed RampantKitten, used a variety of infostealers to help themselves to targets’ files, as well as extracting passwords from management software KeePass and breaking into Telegram Desktop installations.

A malicious Android app posing as a translation app for Farsi speakers in Sweden to pass local driving tests was also deployed to steal data from expats and potential anti-Iranian-regime dissidents.

Read more…
Source: The Register