1. Yemen Details
  2. Iran
on Wednesday 1 December, 2021

Hackers targeting and stealing billions from Iranian citizens in texting scheme

by : The Hill

Financially motivated hackers likely based in Iran are successfully targeting and stealing billions in currency from Iranian civilians through a texting campaign, new research released Wednesday found.

Israeli-American cybersecurity company Check Point Research found evidence that tens of thousands of Iranians had been targeted in the scheme, which involved the hackers sending texts to Android users that impersonated branches of the Iranian government.

The texts prompted victims to download malicious applications that then steal credit card information and two-factor authentication codes, with the infected devices then used as bots by the hackers to spread the campaign further. The average victim lost between $1,000 and $2,000, and the Check Point researchers found that the stolen data was easily accessible online to third parties.

"The general population of Iran is in a growing situation where cyber attacks significantly impact day-to-day lives,” Alexandra Gofman, the Threat Intelligence Team Leader at Check Point Software, said in a quote provided to The Hill. “We believe these recent cyber attacks to be financially motivated and a form of pure cyber crime. We suspect the threat actors involved are likely from Iran itself.”

The new research was released months after Check Point Research published separate findings tying cyberattacks on Iran’s railroad system and its Ministry of Roads and Urbanization to a hacking group known as “Indra,” which Check Point concluded was likely not controlled by a nation state and was opposed to the Iranian regime.

Gofman noted that while the new findings were not directly connected to the Indra hacking group, both incidents highlighted the “significant damage” cyberattacks could do to the Iranian population.

“The velocity and spread of these cyber attacks are unprecedented. It's an example of a monetarily-successful campaign aimed at the general public,” Gofman stressed. “The campaign exploits social engineering and causes major financial loss to its victims, despite the low quality and technical simplicity of its tools.”

The report from Check Point noted that while there are steps to take that can prevent Android devices from being compromised, such as only downloading applications on official stores, it was critical to raise awareness about SMS-phishing threats among the public.

“Although these specific campaigns are widespread in Iran, they can take place in any other part of the world,” Gofman said. “I think it's important to raise awareness of social engineering schemes that are employed by malicious actors."

See Also
UK joins US, Canada in imposing sanctions on Iran’s drone, missile Industries
US sanctions four over ‘malicious cyber activity’ for Iran’s military
EU foreign ministers agree to expand Iran sanctions
Man arrested in Paris after Iran consulate incident
Most read
Moscow says US hybrid war against Russia will turn into humiliation
Germany to send new frigate to protect ships in Red Sea
Lebanon’s Hezbollah says three fighters killed in Israeli strike
Ukraine says struck Russian ship in annexed Crimea
34,097 Palestinians killed in Israel’s offensive on Gaza since Oct 7: Ministry