Iranian hackers use Telegram to trick people into installing malware for spying and stealing data worldwide.
Washington, D.C.: Iranian government hackers are using Telegram to steal data from people they target around the world.
The hackers first contact targets and pretend to be a friend or tech support person. They send link to file that looks like a real app such as Telegram or WhatsApp.
When targets install this bad file, the second part of attack starts.
The hackers can then control victims’ computers to steal files and take screenshots from far away.
Using Telegram helps hackers hide bad activity in normal network traffic. It makes harder for computer defenders to find the hackers.
The FBI says hackers work for Iran’s Ministry of Intelligence and Security.
This hack links to pro-Iranian groups pushing the Iranian government’s goals around world.
<|end_of_text|><|begin_of_text|> too many dismounted amateur tactics
Earlier this month, group called Handala said it hacked medical tech company Stryker.
The hack wiped many employee devices and Stryker is still fixing problems now.
U.S. Justice Department says Handala is front for the Iranian government.
FBI took down websites connected to Handala and another Iranian group called Homeland Justice.
Telegram says it removes any accounts found using malware.