Iranian Spyware Exposed

The hacking gang GhostSec, has got global attention after saying it has hit the FANAP Behnama software, which it has described as the “Iran regime’s very own privacy-invading software.” The group has shared as evidence a portion of the software’s source code, showcasing its distinctive facial recognition functionality that enhances its surveillance effectiveness.

The GhostSec group was formed about 10 years ago with the specific aim of combating Islamist extremism online. It claims to have exposed 20GB of data including face recognition and motion detection systems that are used by the Iranian government to monitor and track its people.

After the outrage following the death of Mahsa Amini, who was in custody in 2022. She was arrested by the morality police of Iran for allegedly failing to wear appropriate religious dress, and there was a mass of protests since her death that have seen hundreds more killed or detained and so the revelations by GhostSec are considered to be on the moment by many Irainians.

GhostSec says it intends to make the data public, “in the interests of the Iranian people, but also in the interests of protecting the privacy of each and every one of us.” There are claims that GhostSec’s actions align with hacktivist principles, they also position themselves as advocates for human rights.

The group has shared as evidence a portion of the software’s source code, showcasing its distinctive facial recognition functionality that enhances its surveillance effectiveness. This attack exposes the Iranian regime’s capacity and willingness to put its citizens under intrusive scrutiny in a fundamental breach of the human right to privacy.

The group itself even said in its statement: “This is not about technology and software, it’s about the privacy of the people, civil liberties, and a balance of power.”

Apparently the group also established a Telegram channel titled “Iran Exposed” through which they intend to share information about the breach and have already shared some compromised data accompanied by explanations of their findings and the rationale behind their actions.

GhostSec is believed to be an offshoot of the wider Anonymous hacktivist group that emerged around 2015, thought to be partly in response to the ISIS terrorist attacks in France the same year.

Since its emergence, it claims to have sabotaged hundreds of portals and social media accounts promoting Islamist extremism. GhostSec’s intention to amplify opposition to the intrusive scrutiny that undermines fundamental human rights in Iran and many other countries.

I-HLS:     Cyber News:     Hackread:     OSINT Team:     Cyberint:     TikTok:     Iran Xposed:     Wikipedia

You Might Also Read: 

A ‘FunnyDream’ From China:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« LockBit Hacked Montreal's Electricity Supplier
CISA's Post-Quantum Cryptography Initiative »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Advanced Systems International SAC

Advanced Systems International SAC

Advanced Systems international is a global company dedicated to data security software design, development, support, and licensing.

Smokescreen

Smokescreen

Smokescreen's IllusionBLACK employs deception technology to detect, deflect and defeat advanced hacker attacks.

Bounga Informatics

Bounga Informatics

Bounga Informatics provides Digital Forensics, E-Discovery, and Endpoint Security software, hardware, and training in Singapore and other countries in Asia Pacific.

CERT NZ

CERT NZ

CERT NZ supports businesses, organisations and individuals affected by cyber security incidents, and provide trusted and authoritative information and advice.

adaware

adaware

adaware is an award-winning security and privacy software provider, empowering users to connect with confidence.

C2SEC

C2SEC

C2Sec provides an innovative analytics platform that assesses and quantifies cyber risks in financial terms based on combining patented big data, AI, and cybersecurity technologies.

Acumera

Acumera

Acumera is a leader in managed network security, visibility and automation services.

Xmirror Security

Xmirror Security

Xmirror Security focuses on integrated detection and defense of the continuous threat to the DevSecops software supply-chain with artificial intelligence technology as the core.

Tuta

Tuta

Tuta (formerly Tutanota) is an all-in-one email, calendar and contacts app which protects your data with full end-to-end encryption and it requires zero personal information.

CyberGate Technologies

CyberGate Technologies

CyberGate Technologies is a world-class, customer focus cyber security service and consultancy company operating the UK, Europe, Middle East, and Africa.

Aberrant

Aberrant

A radically new approach to managing information security. Aberrant is the single pane of glass through which a security program can be viewed.

Defence Logic

Defence Logic

Defence Logic is a cyber security company serving clients in many business sectors. Our consultancy services include Penetration Testing, Security Reviews and Monitoring.

UFS Technology

UFS Technology

UFS, the bank technology outfitter for community banks, provides purpose-built, bank-exclusive technology services and solutions including cybersecurity.

CR Group

CR Group

CR Group is a Swedish-owned, cyber-security company oriented towards the European market. We offer solutions for vital societal functions that are both easy-to-buy and easy-to-use.

Styx Intelligence

Styx Intelligence

Styx Intelligence’s platform provides visibility and supports remediation against threats targeting your digital assets.

Ridgeline International

Ridgeline International

Ridgeline helps organizations manage digital risk through data privacy and secure infrastructure solutions.