An Iranian hacker group has developed tools to steal information from Windows systems, Telegram, and even via SMS. These hacking tools were primarily used against Iranian minorities, anti-regime organizations, and resistance movements. The group is named “Rampant Kitten”, and it has been active for around six years. Its toolset includes four variants of Windows info stealers that can steal the user’s personal documents. They can also access the user’s Telegram desktop app and KeePass account information.
The hackers also developed an Android backdoor that can extract two-factor authentication codes from SMS messages. This Android backdoor is disguised as an app that helps Persian speakers in Sweden get their driver’s license. Telegram is another popular platform for these hackers to exploit. In some cases, the hackers posed as the official Telegram account and hosted phishing pages on the platform.