Check Point Research (CPR) is monitoring several cybercriminals who are using news programs such as Telegram, Signal and the Dark Web to help anti-government protesters in Iran circumvent authorities' restrictions.
Check Point Research, the research division of Check Point Software Technologies Ltd. is currently observing various groups that are using various channels to help protesters and government critics in Iran circumvent virtual borders and restrictions. Key activities include leaking and selling data, including officials' phone numbers and emails, and maps of sensitive locations.
Hackers who just help like that?
CPR tracks the sharing of open VPN servers to bypass censorship and the reports on the internet status in Iran, as well as hacking conversations and guides. Telegram, Signal and the Dark Web itself serve as channels, for example. Monitoring of the activities began a day after anti-government protests began, prompted by the death of Mahsa Amini, who died after being arrested for allegedly violating laws requiring women to wear headscarves.
The hacker groups allow protesters in Iran to communicate and exchange news about what is happening in different places, which the government tries to avoid in order to contain the protests.
Selling information partly as a source of income
As in any other case, there are some gangs trying to profit from the situation and sell information from Iran and the government. Liad Mizrachi, security researcher at Check Point Software, explains: "What we are seeing are groups from Telegram, Signal, the dark web, and mainstream internet helping protesters to circumvent the restrictions and censorship that Iranian authorities are currently applying, to deal with the protests. These groups emerged about a day after the protests began. We will monitor the situation.”
Check Point lists all groups and what goals they are pursuing on its blog.
More at CheckPoint.com
About check point Check Point Software Technologies GmbH (www.checkpoint.com/de) is a leading provider of cybersecurity solutions for public administrations and companies worldwide. The solutions protect customers from cyberattacks with an industry leading detection rate for malware, ransomware and other types of attacks. Check Point offers a multi-level security architecture that protects company information in cloud environments, networks and on mobile devices, as well as the most comprehensive and intuitive “one point of control” security management system. Check Point protects over 100.000 businesses of all sizes.