MESOPOTAMIA NEWS INTEL : Iran spies on dissidents via web server based in Holland, registered in Cyprus
FEBRUARY 19, 2021 BY JOSEPH FITSANAKIS intel org
A WEB SERVER BASED in Holland and owned by a company registered in Cyprus is being used by the Iranian government to spy on its critics abroad, according to Dutch public radio. The information about Iranian espionage was revealed on Thursday by NPO Radio 1, one of Holland’s public radio stations, with the help of Romanian cybersecurity firm BitDefender.
The discovery was reportedly made after an Iranian dissident based in Holland was sent an infected file by a user of the popular instant messaging application Telegram. Instead of opening the file, the recipient contacted
cybersecurity experts, who identified it as a type of infected software that is known to have been used in the past by the Iranian state. Once it infects a computer, the software takes screenshots and uses the machine’s built-in microphone to make surreptitious recordings.
According to BitDefender’s cybersecurity experts, the server is being used for “command and control” functions in order to facilitate remote control of infected computers and phones. These functions include stealing data, as well as collecting screen shots and audio recordings. The server had been previously used to penetrate computers in Holland, Sweden, Germany, and several other countries, including India.
Cybersecurity experts from BitDefender found that the infected file was delivered to its target via a web server facility based in Haarlem, a city located 20 miles west of Amsterdam. The cybersecurity company said the server is registered to a company that belongs to a Romanian service provider. The company is registered in Cyprus and provides services to a number of companies, including in this case an American company. The latter reportedly stopped using the service provider once it was told of the Iranian connection, according to reports.
► Author: Joseph Fitsanakis |