Iranian Spyware Now Available in App Store

The National Council of Resistance to Iran (NCRI) released a new report this month that claims that apps offered on Google Play and Apple’s App Store are being used by Iranian intelligence services to monitor the activities of the Iranian people, as well as to export malware for cyber attacks against America, Iran News Update reports.

As the U.S. military and intelligence services are assessing the most potent cyber-threats to America, this represents a major escalation by the Iranian regime. Leaders of the CIA, NSA, and other agencies testified before the Senate Intelligence Committee last month, alleging that North Korea posed the highest threat, followed by Russia and China.

At the turn of this year, street protests raged across cities in Iran, as the Iranian people who are angry with the stagnant economy and lifestyle restrictions, shouted slogans that called for regime change. The protests that occurred in 2009 and in 2011-12 were also over concerns about declining standards of living, government corruption, and its meddling in the electoral process.

The regime blocked apps like Telegram during the protests. Now, the Islamic Revolutionary Guard Corps (IRGC) in collaboration with the Ministry of Intelligence and Security is developing a new domestic cyber warfare. The main opposition to the regime, the People’s Mojahedin Organization of Iran, has established that the regime used mass surveillance through codes embedded in IRGC-sponsored mobile apps to actively monitor and disrupt the communication of protesters and dissidents.

Café Bazaar, modeled after Google Play, is said to be established by IRGC as a homegrown marketplace of domestic mobile apps to spread spyware. Some of these spyware-enabled apps are also available on Google Play, the Apple Store, and GitHub. This makes millions of users worldwide vulnerable to the IRGC’s spyware and surveillance activities.

In his article for the New York Daily News, Tom Ridge, who served as U.S. secretary of homeland security and is a former governor of Pennsylvania wrote, “In a dictatorship, repression tends to move in tandem with the regime’s sense of vulnerability. In this context, Iran’s potential for cyber-attack and repression is worrisome indeed.”

The IRGC is believed to be recruiting cyber warfare personnel from Iran’s universities. Recruits are hired through front companies that often engage in “research” activities with a few of the IRGC’s handpicked professors. The NCRI report is a wake-up call to not only the nearly 48 million Iranians have smartphones, and 70% of Iranians have access to the Internet, but to rest of the world.

The international community could assist the Iranian people in their call for regime change and democracy by implementing effective measures to curb and confront the regime’s cyberspace repression.

U.S. intelligence officials must understand that the threat of cyber-surveillance of the Iranian people is also a threat to the U.S. as this spyware is readily available on Western app platforms. Millions of Americans are potentially exposed to information breaches.