- From Alerts to Action: How AI Empowers SOC Analysts to Make Better Decisions
- Herencia, propósito y creatividad confluyen sobre un manto tecnológico en los irrepetibles UMusic Hotels
- OpenAI, SoftBank, Oracle lead $500B Project Stargate to ramp up AI infra in the US
- 오픈AI, 700조원 규모 'AI 데이터센터' 프로젝트 착수··· 소프트뱅크·오라클 참여
- From Election Day to Inauguration: How Cybersecurity Safeguards Democracy | McAfee Blog
Hackers Use Telegram and Signal to Assist Protestors in Iran
Multiple hacker groups are using Telegram, Signal and dark web tools to aid anti–government protestors in Iran to bypass regime restrictions.
The news comes from security experts at Check Point Research (CPR), weeks after the death of Mahsa Amini, a protestor who was arrested for violating laws requiring women to wear a headscarf and died allegedly in police custody.
“What we see are groups from the Telegram, dark and also ‘regular’ web helping the protestors to bypass the restrictions and censorship that are currently in place by the Iranian Regime, as a way to deal with the protests,” Liad Mizrachi, a security researcher at Check Point told Infosecurity Magazine. “We began seeing these groups emerge roughly a day after the protests began.”
Hacker groups have been witnessed by CPR, allowing people in Iran to communicate with each other despite the government’s censorship attempts.
“Key activities are data leaking and selling, including officials’ phone numbers and emails, and maps of sensitive locations,” Check Point wrote in a report shared with Infosecurity Magazine.
“CPR sees the sharing of open VPN servers to bypass censorship and reports on the internet status in Iran, as well as the hacking of conversations and guides.”
More specifically, CPR shared five examples of these groups. The first one is the Official Atlas Intelligence Group channel on Telegram. Counting over 900 members, the channel focuses on leaking data that can help against the regime in Iran.
The second Telegram group spotted by CPR is ARVIN, which counts roughly 5000 members and provides news from the protests in Iran, reports and videos from the streets where the protests are, and information about the internet status in Iran.
The third Telegram group mentioned in the CPR report is RedBlue, a channel with about 4000 members and mainly focusing on hacking conversations and guides.
Beyond these Telegram channels, Check Point also mentions the Tor Project and Signal as platforms providing proxies to enable Iranian citizens to circumvent government censorship, access the internet and communicate securely.
“These groups allow people in Iran to communicate with each other and share news around what is going on at different places,” Mizrachi added. “We will continue to monitor the situation.”
The CPR report comes weeks after Albania cut ties with Iran over a July ransomware attack that temporarily shut down numerous Albanian government digital services and websites.
