Skip To Content
BuzzFeed News Home Reporting To You

Utilizamos cookies, próprios e de terceiros, que o reconhecem e identificam como um usuário único, para garantir a melhor experiência de navegação, personalizar conteúdo e anúncios, e melhorar o desempenho do nosso site e serviços. Esses Cookies nos permitem coletar alguns dados pessoais sobre você, como sua ID exclusiva atribuída ao seu dispositivo, endereço de IP, tipo de dispositivo e navegador, conteúdos visualizados ou outras ações realizadas usando nossos serviços, país e idioma selecionados, entre outros. Para saber mais sobre nossa política de cookies, acesse link.

Caso não concorde com o uso cookies dessa forma, você deverá ajustar as configurações de seu navegador ou deixar de acessar o nosso site e serviços. Ao continuar com a navegação em nosso site, você aceita o uso de cookies.

Hackers From Iran Are Reportedly Stealing People’s Travel And Mobile Data In The Middle East

The previously undetected group — dubbed APT39 — is thought to be providing information to the Iranian government.

Posted on January 29, 2019, at 6:10 a.m. ET

Dado Ruvic / Reuters

A previously undetected Iranian cyber espionage group with potential links to the country’s government has been stealing travel information and mobile data of individuals in the Middle East, a new report says.

According to cybersecurity research firm FireEye, the Iranian group — dubbed APT39 — has targeted a wide range of people but especially in the Gulf.

FireEye analysts had been following the group’s activities since 2014, said FireEye’s senior manager for cyber espionage analysis, Benjamin Read.

Read said it was unclear in what capacity the group was working, and how it supported the Iranian government, but that the group was not collecting data that could be easily monetized. Instead, it has been collecting individuals’ call data and information about travel routes rather than credit card numbers or billing information.

“There are criminal groups operating out of Iran, but this kind of information is going to be more useful to a government,” he said. “We believe they’re acting in support of the Iranian government.”

Read declined to say which countries or individuals were specifically targeted.

The group’s operating times were consistent with the Iranian workday, he added, and it had used Persian language words in encrypting data. The group operates by using “spear-phishing” emails that target specific people and include malicious attachments or links that entice the recipient to click, the report says.

The report comes after the EU’s digital security body stated Iran is likely to ramp up its cyber espionage efforts, particularly in the region. Iran has in the past rejected charges that the country engages in cyber espionage, saying Iranian cyber capabilities are for defense only.

A BuzzFeed News investigation, in partnership with the International Consortium of Investigative Journalists, based on thousands of documents the government didn't want you to see.