The Iranian Regime has long struggled to restrict access to the internet in order to keep its censorship machine running smoothly.
After all, they saw the damage the internet could do to their brutal regime when images and videos of the Regime’s violence toward peaceful protesters went viral on social media in 2009.
But things have gotten worse for the mullahs in recent years, with the increased popularity of secure, encrypted messaging applications (e.g. Telegram, WhatsApp) that make it harder for governments to monitor an individual’s internet traffic.
A new report by the Iranian opposition coalition, the National Council of Resistance of Iran (NCRI), sheds light on the Regime’s desperate campaign to adapt its surveillance and censorship equipment in order to survive now that the internet is so commonplace.
The report, entitled “Iran: Cyber Repression: How the IRGC Uses Cyberwarfare to Preserve the Theocracy”, exposes how the Regime covertly and overtly spies on its citizens and spreads propaganda across social media.
The NCRI also provided a list of Regime-created variations of the Telegram app, promoted as Farsi versions, which the Regime wanted to trick the public into downloading in order to spy on their internet activity, identify and arrest activists, and introduce malware that would prevent the user from accessing opposition channels.
The most downloaded of the Regime’s apps is Mobogram, developed by Hanista, a front company for the Iranian Revolutionary Guards (IRGC).
The Regime even slowed down or blocked traffic to the official Telegram app to force people into downloading their versions.
The Regime is specifically targeting Telegram because it has over 40 million users in Iran and was widely used by protesters in the uprising at the start of 2018.
The Regime even got its malware-filled apps onto Google Play and Apple’s App Store, which violates the terms of service for both stores. Google has since identified one and removed it, but more remain available.
Alireza Jafarzadeh, the deputy director of the NCRI’s Washington office, said: “The Iranian regime is currently hard at work to test the success of these apps on the people of Iran first. If not confronted, its next victims will be the people of other nations.”
Jafarzadeh added that the unit responsible for this surveillance is the same one tasked with cyber warfare against the West.
What can be done?
The Iranian Regime is unlikely to impose a total internet blackout as they fear repercussions on their already bankrupt economy, which will fuel social unrest. That’s why they’re trying to maintain control with cyber espionage.
• The tech community must work with governments in order to counter the Iranian Regime’s censorship efforts
• Internet service providers should work with the Iranian Resistance to identify the front companies and developers that are making and distributing malicious apps on behalf of the Iranian Regime
• All app stores must investigate the apps on their site and remove malware-infected apps exposed by the NCRI
• Telegram should revoke the Iranian Regime’s developers’ access to its Application Programming Interfaces, so that they can no longer create malware-infected versions