Israeli cybersecurity firm Check Point on Friday said a surveillance operation had targeted the smartphones of several hundred Iranian citizens via malware implanted in their handsets, indicating Tehran was responsible.
“This is the first time to our knowledge that a technical analysis technique has highlighted the fact a government has led a cyberespionage campaign on smartphones,” the firm’s vice-president for Europe, Thierry Karsenti, told AFP.
He added that smartphones were an ideal tool for surveillance as “they accompany you everywhere and are almost always switched on”.
The company said its investigation had found around 240 people affected and nearly all were Iranians, “consistently aligning with our estimation that this campaign is of Iranian origin”.
However, the firm also found some targets from Britain as well as Afghanistan.
Check Point also established that some supporters in Iran of the Islamic State group, as well as some of Kurdish and Turkish origin — people “that could pose a threat to stability of the Iranian regime” — had also been targeted by mobile applications containing spyware.
One of the applications monitored came from a firmware system update website which initially linked through to an Iranian internet protocol address before switching to a Russian one.