Anonymous hackers, as exclusively reported by Hackread.com, waged a series of cyber attacks against the Iranian government in support of protestors. Now, Check Point Research has identified multiple hacker groups using Signal, Telegram, and Dark Web to support anti-government protestors in Iran. Their main objective is to bypass government restrictions.
This observation comes just days after anti-government protests erupted in Iran after Mahsa Amini’s death. It is worth noting that on September 16th, 2022, a 22-year-old Iranian woman named Mahsa Amini died in Tehran, Iran, under Police custody. Amini was arrested for failure to follow government-mandated forms of the Hijab.
According to researchers at Check Point, hacker groups are supporting the current situation of unrest in Iran by aiding anti-regime protestors by sharing open VPN servers to help them evade government censorship and internet status reports. They also teach protestors and activities about hacking guides.
Telegram groups boast a few hundred to thousands of members, such as the Official Atlas Intelligence Group (AIG) channel has 900 members and is involved in data leaking and selling. This group obtains official contact numbers, emails, and sensitive location maps of the regime and sells or leaks them online.
Additionally, they try to upsell IRGC’s private information. Similarly, the ARVIN Telegram group has 5000 members. This group covers protests in Iran and informs people about them with videos and reports from the streets.
RedBlue is another Telegram group identified by Check Point, which boasts 4000 members. This group focuses more on hacking guides and conversations. Another Telegram group has around 12,000 members.
Moreover, Signal and Tor Project are also used as potential platforms to offer proxies to Iranian citizens so that they can access the internet and avoid government censorship.
According to Check Point’s report, some groups offer a list of VPNs and proxies to help people bypass censorship in Iran, whereas others help protestors access social media websites. Hacker groups allow Iranian citizens to communicate and share the news with each other and discuss what the government wants to avoid.
“What we see are groups from the Telegram, dark web and also ‘regular’ web helping the protestors to bypass the restrictions and censorship that are currently in place by the Iranian Regime, as a way to deal with the protests. We began seeing these groups emerge roughly a day after the protests began.”