Iranian Spyware Exposed

Uploaded on 2023-09-08 in FREE TO VIEW

The hacking gang GhostSec, has got global attention after saying it has hit the FANAP Behnama software, which it has described as the “Iran regime’s very own privacy-invading software.” The group has shared as evidence a portion of the software’s source code, showcasing its distinctive facial recognition functionality that enhances its surveillance effectiveness.

The GhostSec group was formed about 10 years ago with the specific aim of combating Islamist extremism online. It claims to have exposed 20GB of data including face recognition and motion detection systems that are used by the Iranian government to monitor and track its people.

After the outrage following the death of Mahsa Amini, who was in custody in 2022. She was arrested by the morality police of Iran for allegedly failing to wear appropriate religious dress, and there was a mass of protests since her death that have seen hundreds more killed or detained and so the revelations by GhostSec are considered to be on the moment by many Irainians.

GhostSec says it intends to make the data public, “in the interests of the Iranian people, but also in the interests of protecting the privacy of each and every one of us.” There are claims that GhostSec’s actions align with hacktivist principles, they also position themselves as advocates for human rights.

The group has shared as evidence a portion of the software’s source code, showcasing its distinctive facial recognition functionality that enhances its surveillance effectiveness. This attack exposes the Iranian regime’s capacity and willingness to put its citizens under intrusive scrutiny in a fundamental breach of the human right to privacy.

The group itself even said in its statement: “This is not about technology and software, it’s about the privacy of the people, civil liberties, and a balance of power.”

Apparently the group also established a Telegram channel titled “Iran Exposed” through which they intend to share information about the breach and have already shared some compromised data accompanied by explanations of their findings and the rationale behind their actions.

GhostSec is believed to be an offshoot of the wider Anonymous hacktivist group that emerged around 2015, thought to be partly in response to the ISIS terrorist attacks in France the same year.

Since its emergence, it claims to have sabotaged hundreds of portals and social media accounts promoting Islamist extremism. GhostSec’s intention to amplify opposition to the intrusive scrutiny that undermines fundamental human rights in Iran and many other countries.

I-HLS:     Cyber News:     Hackread:     OSINT Team:     Cyberint:     TikTok:     Iran Xposed:     Wikipedia

You Might Also Read: 

A ‘FunnyDream’ From China:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« LockBit Hacked Montreal's Electricity Supplier
CISA's Post-Quantum Cryptography Initiative »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Morphisec

Morphisec

Morphisec's world leading prevention-first software stops ransomware and other advanced attacks from endpoint to the cloud.

REVI-IT

REVI-IT

REVI-IT is a Danish state-owned audit firm focusing on enterprise IT business processes and compliance,

ReSec Technologies

ReSec Technologies

ReSec provides total protection against all types of known and unknown malware threats including viruses, Trojans, ransomware and phishing, regardless of their delivery method.

Gospel Technology

Gospel Technology

Gospel presents a totally new way of accessing and controlling data which is enterprise grade scalable, highly resilient, and secure.

Sweepatic

Sweepatic

The Sweepatic reconnaissance platform discovers and analyses all internet facing assets and their exposure to risk.

Cyber Security & Cloud Expo

Cyber Security & Cloud Expo

The Cyber Security & Cloud Expo is an international event series in London, Amsterdam and Silicon Valley.

Cyber@StationF

Cyber@StationF

Cyber@StationF is an up to 6 months international startup acceleration programme, whose members provide solutions for the Cybersecurity industry.

Technology Ireland ICT Skillnet

Technology Ireland ICT Skillnet

Technology Ireland ICT Skillnet is a network of companies who collaborate to address skills needs within the technology sector.

spiderSilk

spiderSilk

spiderSilk is a Dubai-based cybersecurity firm, specializing in simulating the most advanced cyber offenses on your technology so you can build your best security defenses.

DisruptOps

DisruptOps

Built for today’s cloud-scale enterprises, DisruptOps’ Cloud Detection and Response platform automates assessment and remediation procedures of critical cloud security issues.

Venustech

Venustech

Venustech is a leading provider of network security products, trusted security management platforms, specialized security services and solutions.

Cymptom

Cymptom

At Cymptom our purpose is to enable security managers to see at a glance all urgently risky gaps  in their organizations’ security posture at any given moment.

Armexa

Armexa

Armexa is a leading provider of advanced industrial cybersecurity solutions that protect your critical OT and ICS infrastructure against ever-changing threats.

IntegraONE

IntegraONE

IntegraONE is a IT solutions provider offering a full range of networking and technology solutions.

Polygraph

Polygraph

Polygraph monitors the activities of click fraud gangs, including how they operate, who they target, the techniques they use, and how to detect their fraud.

Silk Security

Silk Security

Silk is the first platform that enables enterprises to take a strategic, sustainable approach to resolving code, infrastructure and application risk.