New malware samples exfiltrate WhatsApp data to target Iran regime’s enemies

Iranian-affiliated hackers are using an advanced version of DCHSpy malware to conduct espionage, targeting activists and journalists globally. The malware can exfiltrate various personal data and remotely activate device cameras and microphones, often using political and anti-regime lures. #DCHSpy #MuddyWater

Key points

  • The new DCHSpy malware is linked to Iranian cyber espionage activities.
  • It can extract data such as contacts, SMS, location, call logs, photos, and audio recordings.
  • The malware is distributed via fake URLs on messaging platforms like Telegram.
  • Political-themed lures, including references to Starlink, are used to deceive targets.
  • Targets are mainly activists and journalists worldwide who oppose the Iranian regime.

Read More: https://therecord.media/malware-exfiltrates-whatsapp-iran-muddywater