New Iran Cyber Attacks will Target Android Apps

Cybersecurity experts are warning that Iran is preparing cyber attacks against mobile device users. Ransomware and malware attacks are expected to target mobile Android-based devices. Users should be especially cautious toward unofficial markets that offer Android apps.

Azadi Tower, Azadi Square, Tehran, Iran

Accenture iDefense wrote in a recent cyber threat report that its intelligence team has measured a “significant uptick” in cyber attack campaigns launched from Iran. The report, titled “Cyber Threatscape Report 2018,” expects these attacks to increase in frequency into 2019.

Both state actors and Iranian hacktivists seem to favor attacking apps that are unverified by the Google app store. These attacks seek to plant malware into mobile devices. Buyers should also be forewarned that Iranian hackers are working to plant malicious code into verified apps at the Google store, Accenture wrote.

The cybersecurity company is tracking an Iranian gang called Pipefish. This group is attacking organizations in the Middle East for espionage purposes. The attack could target Israel, Saudi Arabia, Bahrain and other countries that supported the US and its decision to cancel the controversial Iran nuclear accord.

Pipefish has developed a toolbox that exploits machines to carry out remote execution commands. The gang has apparently used a crypto-jacking exploit that has already shut down or disrupted Middle East pipelines and facilities.

Tehran Iran

Ransomware, though, appears to be the tool of choice from Iran, Accenture wrote. The Islamic Revolutionary Guard is the main actor in the use of ransomware.

According to the cybersecurity analysis, the ransomware attackers will demand crypto ransoms – payment in Bitcoin. One ransomware called “Black Ruby” scrambles and encrypts files and demands $650 in crypto-coin BTC.

The impetus behind this latest cyber warfare appears to be that the Iranian mullahs and the country’s criminal class are angry that the United States is clamping sanctions on the country again. The sanctions will hit Iran hard in its wallet. Thus, Iranian state actors and the criminal element will use cyber attacks to steal cash.

People who download Android apps, especially from unapproved sources, should exercise extreme caution. Cybersecurity experts are warning that the Iranians are on the prowl, looking for ways to snatch cash from Android users.

Isaac Adams-Hands

Full Stack Developer, Digital Marketer, and InfoSec enthusiast. He received his Bachelor’s Degree from the University of Western Sydney and his Business Diploma from Georgian College before joining various marketing positions in search portals, e-commerce, higher education, and addiction recovery services.

Follow @ twitter

Related posts

pwn any Mac

Many people at my office come and go, with that, we often have computers locked and without admin rights access. You can easily gain access to any Mac by restarting the setup assistant (making the computer think its new again). Don’t worry, you won’t loose any information. All it does is sets up a new admin… Read More

Emerging & evolving Cybersecurity threat models

Cybersecurity threats are constantly changing, and this isn’t going to improve any time soon. Data privacy and security breaches are only going to increase in 2019. Today’s world is powered by the internet, smartphones, computers, and the IoTs (Internet of Things); which provides a constant threat platform for hackers and malicious software. Threat vectors have… Read More