Iranian Spyware Exposed

The hacking gang GhostSec, has got global attention after saying it has hit the FANAP Behnama software, which it has described as the “Iran regime’s very own privacy-invading software.” The group has shared as evidence a portion of the software’s source code, showcasing its distinctive facial recognition functionality that enhances its surveillance effectiveness.

The GhostSec group was formed about 10 years ago with the specific aim of combating Islamist extremism online. It claims to have exposed 20GB of data including face recognition and motion detection systems that are used by the Iranian government to monitor and track its people.

After the outrage following the death of Mahsa Amini, who was in custody in 2022. She was arrested by the morality police of Iran for allegedly failing to wear appropriate religious dress, and there was a mass of protests since her death that have seen hundreds more killed or detained and so the revelations by GhostSec are considered to be on the moment by many Irainians.

GhostSec says it intends to make the data public, “in the interests of the Iranian people, but also in the interests of protecting the privacy of each and every one of us.” There are claims that GhostSec’s actions align with hacktivist principles, they also position themselves as advocates for human rights.

The group has shared as evidence a portion of the software’s source code, showcasing its distinctive facial recognition functionality that enhances its surveillance effectiveness. This attack exposes the Iranian regime’s capacity and willingness to put its citizens under intrusive scrutiny in a fundamental breach of the human right to privacy.

The group itself even said in its statement: “This is not about technology and software, it’s about the privacy of the people, civil liberties, and a balance of power.”

Apparently the group also established a Telegram channel titled “Iran Exposed” through which they intend to share information about the breach and have already shared some compromised data accompanied by explanations of their findings and the rationale behind their actions.

GhostSec is believed to be an offshoot of the wider Anonymous hacktivist group that emerged around 2015, thought to be partly in response to the ISIS terrorist attacks in France the same year.

Since its emergence, it claims to have sabotaged hundreds of portals and social media accounts promoting Islamist extremism. GhostSec’s intention to amplify opposition to the intrusive scrutiny that undermines fundamental human rights in Iran and many other countries.

I-HLS:     Cyber News:     Hackread:     OSINT Team:     Cyberint:     TikTok:     Iran Xposed:     Wikipedia

You Might Also Read: 

A ‘FunnyDream’ From China:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« LockBit Hacked Montreal's Electricity Supplier
CISA's Post-Quantum Cryptography Initiative »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LogonBox Software

LogonBox Software

LogonBox Software specialises in producing a cost-effective range of Network Security and Identity Management software solutions for all sizes of Enterprise.

SecuPi

SecuPi

SecuPi delivers data-centric security with data-flow discovery, real-time monitoring, behavior analytics, and protection across web and enterprise applications and big data environments.

RiskCentric

RiskCentric

RiskCentric is a consultancy specializing in risk management and compliance.

Science Applications International Corporation (SAIC)

Science Applications International Corporation (SAIC)

SAIC is a premier technology integrator in the technical, engineering, intelligence, and enterprise information technology markets. Services and solutions include Cybersecurity.

SureVine

SureVine

Surevine builds secure, scalable collaboration solutions for the most security conscious organisations, enabling collaboration on their most sensitive information.

Repulsa

Repulsa

Repulsa provides state-of-the-art, patented, fast filtering with over 700 million malicious IP addresses and over 30 million categorized site listings updated daily.

RHEA Group

RHEA Group

RHEA Group offers aerospace and security engineering services and solutions, system development, and technologies including cyber security.

Cyber Security Academy (CSA)

Cyber Security Academy (CSA)

The CSA aims to educate professionals who wish to contribute to strengthening the digital defensibility of states, organisations and individual citizens.

u-blox

u-blox

u-blox deliver leading wireless technology to reliably and securely locate and connect people and devices.

T-REX

T-REX

T-REX is a coworking space, technology incubator, and entrepreneur resource center for technology startups.

Take Five

Take Five

Take Five is a national campaign offering straight-forward, impartial advice that helps prevent email, phone-based and online fraud – particularly where criminals impersonate trusted organisations.

TestArmy

TestArmy

TestArmy CyberForces provide you with a broad spectrum of cybersecurity services to test every aspect of your IT infrastructure security and software development process.

EasyDMARC

EasyDMARC

EasyDMARC deliver the most comprehensive product for anyone who strives to build the most secure possible defence system for their email ecosystem.

Aunalytics

Aunalytics

Aunalytics is a data platform company that delivers insights as a service to answer your most important IT and business questions.

Credo AI

Credo AI

Credo have pioneered a Responsible AI platform that enables context driven, comprehensive and continuous governance, oversight and accountability of AI.

AI or Not

AI or Not

AI or Not - Leverage AI to combat misinformation and elevate the landscape of compliance solutions.