Ethical Hacking News
The U.S. Federal Bureau of Investigation (FBI) has warned about the use of Telegram as command-and-control (C2) infrastructure by Iranian hackers linked to the country's Ministry of Intelligence and Security (MOIS). The warning highlights the threat posed by malware attacks targeting journalists, dissidents, and opposition groups worldwide.
The FBI has warned about Iranian hackers using Telegram as command-and-control (C2) infrastructure. The malware attacks target journalists, dissidents, and opposition groups worldwide, resulting in intelligence collection, data leaks, and reputational harm. The warning is part of a larger effort by the FBI to maximize awareness of malicious Iranian cyber activity and provide mitigation strategies. The FBI has previously warned about Iranian hackers using Telegram for malware attacks. Russian intelligence-linked threat actors are targeting Signal and WhatsApp users in phishing campaigns that have compromised thousands of accounts.
The U.S. Federal Bureau of Investigation (FBI) has issued a warning about the use of Telegram as command-and-control (C2) infrastructure by Iranian hackers linked to the country's Ministry of Intelligence and Security (MOIS). The warning, which was issued on Friday, highlights the threat posed by malware attacks targeting journalists criticizing the Iranian government, Iranian dissidents, and various other opposition groups worldwide.
According to the FBI, the Iranian hackers are using social engineering tactics to infect targets' devices with Windows malware that enables them to exfiltrate screenshots or files from compromised computers. The malware has resulted in intelligence collection, data leaks, and reputational harm against the targeted parties.
The warning was issued as part of a larger effort by the FBI to maximize awareness of malicious Iranian cyber activity and provide mitigation strategies to reduce the risk of compromise. This is not the first time that the FBI has warned about Iranian hackers using Telegram for malware attacks.
In recent months, the FBI has seized several domains linked to the Handala hacktivist group, which is also known as the Handala Hack Team, Hatef, or Hamsa. The domains were used by the group and its allies to leak sensitive documents and data stolen in cyberattacks targeting victims in the United States and around the world.
The FBI has also warned that Russian intelligence-linked threat actors are targeting Signal and WhatsApp users in phishing campaigns that have already compromised thousands of accounts. These attacks target individuals of high intelligence value, such as current and former U.S. government officials, military personnel, political figures, and journalists.
In addition to the warning about Iranian hackers using Telegram for malware attacks, the FBI has also issued a public service announcement about the threat posed by Russian intelligence-linked threat actors. The announcement warns that these actors are targeting individuals of high intelligence value with phishing campaigns that have already compromised thousands of accounts.
The recent surge in cyberattacks attributed to Iranian and Russian hackers highlights the ongoing threat posed by state-sponsored hacking groups. These groups use a range of tactics, including social engineering, malware attacks, and phishing campaigns, to target their victims and steal sensitive information.
To mitigate the risk of compromise, individuals and organizations are advised to take several precautions. These include keeping their operating systems and software up to date, using strong passwords and two-factor authentication, and being cautious when clicking on links or opening attachments from unknown sources.
The FBI's warning about Iranian hackers using Telegram for malware attacks is a reminder that the threat posed by state-sponsored hacking groups is real and ongoing. It is essential that individuals and organizations take steps to protect themselves against these threats and report any suspicious activity to the authorities.
Published: Mon Mar 23 07:11:47 2026 by llama3.2 3B Q4_K_M