Iranian regime using Dutch server to spy on dissidents: Investigation

The server located near Haarlem, in the northern Netherlands, is a “command and control” server — used by those looking to control infected devices, often to steal data. (Shutterstock/Illustration)
The server located near Haarlem, in the northern Netherlands, is a “command and control” server — used by those looking to control infected devices, often to steal data. (Shutterstock/Illustration)
Short Url
Updated 19 February 2021
Follow

Iranian regime using Dutch server to spy on dissidents: Investigation

The server located near Haarlem, in the northern Netherlands, is a “command and control” server — used by those looking to control infected devices, often to steal data. (Shutterstock/Illustration)
  • The server was tracked down to a location near the city of Haarlem thanks to a corrupted file received on the chat app Telegram

LONDON: Iran has been using a server in the Netherlands to spy on its political opponents, a Dutch radio station has revealed.

The server was identified by Rik Delhaas, a journalist with the “Argos” radio program broadcast on NPO Radio 1, and security company Bitdefender, following a tip-off from an Iranian man living in the Netherlands.

The server was tracked down to a location near the city of Haarlem thanks to a corrupted file received on the chat app Telegram by an Iranian dissident, Delhaas said.

“Fortunately, he did not open (the file) and his computer was not infected,” he said.

The file was brought to the attention of Bitdefender, which discovered it was hosted on a server being used to hack into computers and mobile phones in the Netherlands, Germany, Sweden and as far afield as India, the report on Argos revealed.

The server located near Haarlem, in the northern Netherlands, is a “command and control” server — used by those looking to control infected devices, often to steal data.

The software used by the server has previously been linked to the Iranian regime by security experts, and is used to take screenshots and make audio recordings, the report said.

The server is registered to a company based in Cyprus and owned by a Romanian, and the American company renting the server stopped cooperation with the party as soon as they were told, according to a NL Times report.

Earlier this month, it was revealed that Iran is running cyberspace surveillance operations to spy on more than 1,000 dissidents within Iran and in countries such as the UK and the US, according to cybersecurity company Check Point.

Soleimani’s shadow
Qassem Soleimani left a trail of death and destruction in his wake as head of Iran’s Quds Force … until his assassination on Jan. 3, 2020. Yet still, his legacy of murderous interference continues to haunt the region

Enter


keywords