Iran spied on ISIS supporters through fake phone wallpaper app, say researchers

September 14, 2018 by 1 Comment

Cell Phone - IASupporters of the Islamic State, most of them Persian speakers, were spied on by the government of Iran after they downloaded a fake smartphone application with wallpaper images, according to an online security firm. Iran is a major adversary of the radical Sunni group Islamic State. The latter considers Shiism (Iran’s state religion) as an abomination. Not surprisingly, therefore, the Islamic State, which is also known as the Islamic State of Iraq and Syria (ISIS), relies largely on supporters from the Arabic-speaking regions of the Levant. But according to estimates, Sunnis constitute about 10 percent of Iran’s population, and ISIS has found some fertile ground among Iran’s 8 million-strong Sunni minority. As a result, the government in Tehran is highly mistrustful of Iranian Sunnis, many of whom are ethnic Kurds, Baluchis, Azeris or Turkomans, and systematically spies on them.

According to the Israeli online security firm Check Point Software Technologies, one way in which Tehran has spied on Persian-speaking ISIS supporters is through fake smartphone applications. In an article published last week, the company said it had uncovered a state-sponsored surveillance operation that it had codenamed “Domestic Kitten”. The Check Point article said that the operation had gone on for more than two years, but had remained undetected “due to the artful deception of its attackers towards their targets”. The surveillance of targeted phones was carried out with the help of an application that featured pro-ISIS-themed wallpapers, which users could download on their devices. Yet another program linked to the same vendor was a fake version of the Firat News Agency mobile phone application. The Firat News Agency is a legitimate Iranian information service featuring news about Iran’s Kurdish minority. But both applications were in fact malware that gave a remote party full access to all text messages sent or received on the compromised phones. They also gave a remote party access to records of phone calls, Internet browser activity and bookmarks, and all files stored on the compromised phones. Additionally, the fake applications gave away the geo-location of compromised devices, and used their built-in cameras and microphones as surveillance devices.

Check Point said that the majority of compromised phones belonged to Persian-speaking members of Iran’s Kurdish and Turkoman minorities. The company stressed that it was not able to confirm the identity of the sponsoring party with absolute accuracy. However, the nature of the fake applications, the infrastructure of the surveillance operation, as well as the identities of those targeted, posed a strong possibility that “Domestic Kitten” was sponsored by the government of Iran, it concluded. Last July, the American cyber security firm Symantec said that it had uncovered a new cyber espionage group called “Leafminer”, which was allegedly sponsored by the Iranian state. The group had reportedly launched attacks on more than 800 agencies and organizations in in countries such as Israel, Egypt, Bahrain, Qatar, Kuwait, the United Arab Emirates, Afghanistan and Azerbaijan.

Author: Ian Allen | Date: 14 September 2018 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , ,

US announces arrest of two men charged with spying for Iran

August 21, 2018 by 2 Comments

Mujahedin-e KhalqAuthorities in the United States have announced the arrests of two men who have been charged with spying on American soil on behalf of the Islamic Republic of Iran. The men were reportedly arrested on August 9, but information about them was only released on Monday by the US Department of Justice. In a press statement published online, John Demers, US Assistant Attorney General for National Security, said the men were arrested because of concerns that they “acted on behalf of Iran”. They were identified as Ahmadreza Mohammadi Doostdar, 38, and Majid Ghorbani, 59. Doostdar is reportedly a dual citizen of the US and Iran, while Ghorbani is an Iranian citizen who lives in the US state of California. The two men are not believed to be diplomats.

According to the US government, the men were observed “conducting surveillance of political opponents and engaging in other activities that could put Americans at risk”. The press statement alleges that Doostdar carried out surveillance of a Jewish center in Chicago, while Ghorbani attended meetings and rallies organized by Iranian opposition groups operating in the US. The press release identifies one such group as the Mujahideen-e Khalq (MEK), a militant faction that has roots in radical Islam and Marxism. Between 1970 and 1976, the group assassinated six American officials in Iran and in 1970 tried to kill the United States ambassador to the country. It initially supported the Islamic Revolution of 1979, but later withdrew its support, accusing the government of Ayatollah Khomeini of “fascism”. It continued its operations in exile, mainly from Iraq, where its armed members were trained by the Palestine Liberation Organization and other Arab leftist groups. Until 2009, the European Union and the US officially considered the MEK a terrorist organization. But the group’s sworn hatred against the government in Iran brought it close to Washington after the 2003 US invasion of Iraq. By 2006, the US military was openly collaborating with MEK forces in Iraq, and in 2012 the group was dropped from the US Department of State’s list of foreign terrorist organizations. Today the group enjoys open protection from the EU and the US.

On June 30 of this year, authorities in Belgium arrested a married Belgian couple of Iranian descent, who were found to be carrying explosives and a detonator. On the following day, July 1, German police arrested an Iranian diplomat stationed in Iran’s embassy in Vienna, Austria, while a fourth person was arrested by authorities in France, reportedly in connection with the three other arrests. All four individuals were charged with having planned a foiled plot to bomb the annual conference of the MEK-affiliated National Council of Resistance of Iran (NCRI) that took place on June 30 in Paris, France. It is not known whether the arrests in Europe are in any way connected with the cases of the two men held in the US.

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , ,

Researchers uncover ‘ambitious’ Iranian hacker group that targets the Middle East

July 26, 2018 by 1 Comment

Computer hackingAn American cyber security firm has reported the discovery of a previously undetected, “highly active” Iranian cyber espionage group, whose extensive target list consists mainly of large organizations and companies in the Middle East. The cyber security firm Symantec, makers of Norton antivirus software, which uncovered the cyber espionage group’s existence, has dubbed it “Leafminer”. It said the group has been active since the beginning of 2017, but has “significantly ramped up its activities” in 2018 and is currently involved in dozens of ongoing attacks.

In a report published on Wednesday, Symantec said that its security experts managed to obtain what appears to be Leafminer’s master list of targets. The list is written in the Farsi language and contains just over 800 organizations, which according to Symantec researchers is “an ambitious goal” for any cyber espionage group. The organizations listed on the target sheet come from a variety of sectors, including government, transportation, the financial sector, energy and telecommunications. But the majority of the group’s targets appear to be in the petrochemical and government sectors. Additionally, virtually all of Leafminer’s targets are located in the Middle East and North Africa, in countries such as Israel, Egypt, Bahrain, Qatar, Kuwait and the United Arab Emirates. Some of the group’s targets are located in Afghanistan and Azerbaijan.

Symantec said its researchers observed the Leafminer hackers execute attacks in real time on at least 40 targets in the Middle East, including on the website of an intelligence agency in Lebanon. According to the cyber security company, Leafminer uses a variety of hacking tools, including custom-designed malware and some publicly available software. The group’s operational sophistication is also varied, and ranges from complex, multilayered attacks to brute-force login attempts. Symantec said it concluded that the cyber espionage group originates from Iran because its master target list is written in Farsi and because Iran is virtually the only country in the Middle East that is missing from the target list. However, it said that it did not have sufficient evidence to link Leafminer to the Iranian government. In a separate development, Germany’s domestic intelligence agency, the Federal Office for the Protection of the Constitution (BfV), said this week in its annual report that the government of Iran has significantly expanded its cyber warfare capabilities and “poses a danger to German companies and research institutions”.

Author: Joseph Fitsanakis | Date: 26 July 2018 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , ,

Iran warns of repercussions as US intensifies campaign against Tehran

July 23, 2018 by 1 Comment

IRGC IranIranian military officials have warned of extracting “revenge from foreign intelligence services”, as Reuters reported that an aggressive campaign against Tehran has been launched by Washington. On Sunday, the Reuters news agency said that senior officials in the administration of US President Donald Trump had launched a concerted offensive “meant to foment unrest” in the Islamic Republic. Citing information from “more than half a dozen current and former officials”, Reuters said that the US offensive is directly supported by President Trump’s Secretary of State Mike Pompeo and his National Security Adviser John Bolton. Both officials are known for their aggressive stance against the Iranian government.

The campaign, said Reuters, is meant to “work in concert” with President Trump’s push to “economically throttle Iran”. The US leader announced a series of economic sanctions on the Islamic Republic and has intensified his critical statements against Tehran after May of this year, when Washington pulled out of the Iran nuclear agreement. Known as the Joint Comprehensive Plan of Action (JCPOA), the international agreement was reached in 2015 between Iran and a group of nations known as the P5+1, namely the five permanent members of the United Nations Security Council plus Germany. As part of the deal, Iran agreed to halt its nuclear weapons program in exchange for an end to economic sanctions by the West. But President Trump abandoned the agreement, saying it was a form of appeasing Tehran.

According to Reuters, Washington’s campaign involves the spreading of information that “paints Iranian leaders in a harsh light” and in some cases makes claims about Tehran that are “exaggerated”. For example, said Reuters, some social media posts by the US Department of State’s Farsi-language news service claim that Iran is close to al-Qaeda, despite the fact that Shiite Islam, which is Iran’s state religion, is viewed as a heresy by Sunni members of al-Qaeda. Other –perhaps more believable– accusations include claims that the leaders of Iran are wasting funds released by the JCPOA instead of using it for their people’s welfare, and that Tehran funds the Taliban in Afghanistan.

Meanwhile, a spokesman for the Islamic Revolutionary Guard Corps (IRGC), arguably the most powerful branch of the Iranian Armed Forces, issued a warning on Sunday against “foreign intelligence services”. The spokesman, Brigadier General Ramezan Sharif, said Iran would take revenge on foreign spy services “who try to disrupt the security of Iran’s borders”. He was referring to an armed attack that took place on Saturday in Iran’s northwestern Marivan region, near the Iran-Iraq border. The attack concentrated on an Iranian military compound in the village of Dari and culminated with the bombing of an IRGC arms depot. According to Iranian media reports, the explosion killed 11 Iranian border guards. Reuters said it contacted the White House and the Department of State about the alleged campaign against Iran, but that both declined to comment.

Author: Joseph Fitsanakis | Date: 23 July 2018 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , ,

Israel says it foiled Iranian-sponsored bomb attack in France

July 20, 2018 by Leave a comment

MossadIsrael helped foil an alleged Iranian-sponsored bomb attack in Paris, which involved arrests of several Iranian agents and at least one diplomat in France, Belgium and Germany, according to media reports. As intelNews reported earlier this month, the arrests began on June 30, when members of Belgium’s Special Forces Group arrested a married Belgian couple of Iranian descent in Brussels. The couple were found to be carrying explosives and a detonator. On the following day, July 1, German police arrested an Iranian diplomat stationed in Iran’s embassy in Vienna, Austria. On the same day, a fourth person, who has not been named, was arrested by authorities in France, reportedly in connection with the three other arrests.

All four individuals appear to have been charged with a foiled plot to bomb the annual conference of the National Council of Resistance of Iran (NCRI) that took place on June 30 in Paris. The NCRI is led by Mujahedin-e Khalq (MEK), a militant group with roots in radical Islam and Marxism. The MEK was designated as a terrorist group by the European Union and the United States until 2009 and 2012 respectively. But it has since been reinstated in both Brussels and Washington, reportedly because it provides the West with a vehicle to subvert the Iranian government.

On Thursday, authorities in Israel announced the lifting of a blanket censorship decree that prevented local media from discussing the country’s role in helping the Europeans foil the alleged bomb attack in Paris. According to Israel’s Channel 2, a private television station based in Jerusalem, the Iranian attack was prevented after the Israeli agency Mossad detected the whereabouts of several suspects involved in it. The Mossad then supplied Germany, Belgium and France with intelligence that led to the arrests of some of those suspects. However, Channel 2 said that the Israeli government did not give a reason for the initial censorship imposed on the country’s media, nor did it explain why it had decided to lift it. On July 4, Israeli Prime Minister Benjamin Netanyahu appeared to hint that Israel had a role in the foiling of the alleged bomb attack in Paris. Speaking during a commemoration ceremony in Acre, Israel, Netanyahu said it was “no coincidence” that the attack in Paris had been stopped. But the Israeli leader did not expressly indicate that the Mossad had a role in the operation.

Following news of the arrests in Europe, the Iranian government said that it had no connection to the alleged plot in Paris and called the incident a “false flag” operation staged by Tehran’s enemies at home and abroad.

Author: Joseph Fitsanakis | Date: 20 July 2018 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , , ,

Spy chiefs from Russia, China, Iran and Pakistan hold high-level meeting

July 11, 2018 by Leave a comment

Sergei NaryshkinIntelligence directors from Russia, China, Iran and Pakistan met on Tuesday to discuss regional cooperation with particular reference to combating the Islamic State in Afghanistan. Information about the high-level meeting was revealed yesterday by Sergei Ivanov, media spokesman for the Russian Foreign Intelligence Service (SVR). Ivanov told Russia’s state-owned TASS news agency that the meeting was held in Pakistan and included the participation of SVR director Sergei Naryshkin. TASS reported that the meeting was held under the auspices of Pakistan’s powerful Inter-Services Intelligence (ISI) Directorate and was attended by “senior intelligence officials” from Pakistan, Russia, Iran and China.

Ivanov said that discussions during the meeting “focused on the dangers arising from a buildup of the Islamic State on the Afghan territory”. The Islamic State announced the formation of its Afghan province (wilayah in Arabic) in January 2015, using the term “Khorasan Province”. By July 2016, two of its most prominent leaders had been killed in coordinated drone strikes by the United States, but the group continues to launch operations to this day. Its core is thought to be made up of nearly 100 fighters from the Islamic State’s former strongholds in Syria and Iraq. According to Russian reports, security officials in China, Russia, Pakistan and Iran are concerned that the Islamic State’s Afghan command is becoming stronger as fighters from the group are leaving the Middle East and moving to Afghanistan.

Tuesday’s high-level meeting in Islamabad follows an announcement last month by the Beijing-led Shanghai Cooperation Organization (SCO) that it would adopt a more active stance on security issues in Afghanistan. Early in June, Afghan President Mohammad Ashraf Ghani described the SCO as “an important platform for anti-terrorist cooperation and enhancing regional connectivity” in Central and South Asia. President Ghani made these comments shortly before traveling to China to attend the annual summit of the SCO, of which Afghanistan is an observer country.

Author: Ian Allen | Date: 11 July 2018 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , , ,

Holland expels two Iranian diplomats, but stays silent on reasons

July 9, 2018 by Leave a comment

Iran embassy HagueHolland has expelled two Iranian diplomats without saying why, leading to speculation that the expulsions may be related to the arrests of members of an alleged Iranian sleeper cell in Belgium, Germany and France last week. On Friday, a spokesperson from Holland’s General Intelligence and Security Service (AIVD) told reporters that “two persons accredited to the Iranian embassy” in the Hague “were expelled from the Netherlands on June 7”. The spokesperson continued saying that, although the AIVD was able to confirm that the two unnamed persons had been expelled from the country, they would “not provide any further information”. When journalists contacted Holland’s Ministry of Foreign Affairs, they were told that there would be no comment on the matter from the Dutch government.

Late on Friday, the Reuters news agency cited an unnamed “European government official and a Western intelligence source” who said that the two Iranian embassy personnel were expelled from Holland “up to two months ago”. But Holland’s state-owned Dutch Broadcast Foundation (NOS) reported that the expulsions took place on June 7. No further information appears to be publicly available. However, assuming that the expulsions took place last week, and not two months ago, they appear to have coincided with the arrests of members of an alleged Iranian sleeper cell on June 30 and July 1. As intelNews reported last week, the arrests began on June 30, when members of Belgium’s Special Forces Group arrested a married Belgian couple of Iranian descent in Brussels. The couple were found to be carrying explosives and a detonator. On the following day, July 1, German police arrested an Iranian diplomat stationed in Iran’s embassy in Vienna, Austria. On the same day, a fourth person, who has not been named, was arrested by authorities in France, reportedly in connection with the three other arrests.

All four individuals appear to have been charged with a foiled plot to bomb the annual conference of the National Council of Resistance of Iran (NCRI) that took place on June 30 in Paris. The NCRI is led by Mujahedin-e Khalq (MEK), a Marxist militant group that has roots in radical Islam and Marxism. Until a few years ago, the MEK was designated as a terrorist group by the European Union and the United States, but has since been reinstated in both Brussels and Washington. There is also speculation that last week’s expulsions in Holland may be related to the assassinations of dissident Iranian expatriates in Holland in 2015 and 2017, which have been blamed on the government in Tehran.

On Saturday, the Iranian Ministry of Foreign Affairs summoned the Dutch ambassador to protest against the expulsions of its diplomats, while a ministry spokesperson warned that “the Islamic Republic reserves the right to retaliate”. Reuters quoted an unnamed “senior Iranian official” who said that “all these arrests and expulsions are part of our enemies’ attempts to harm efforts to salvage the nuclear deal”, a reference to the Joint Comprehensive Plan of Action.

Author: Joseph Fitsanakis | Date: 09 July 2018 | Research credit: M.K. | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , ,

Iran sleeper cell agents, including diplomat, arrested in three European countries

July 6, 2018 by Leave a comment

National Council of Resistance of IranAn Iranian diplomat and members of what authorities described as an “Iranian sleeper cell” were arrested this week in Belgium, Germany and France, as they were allegedly planning to a bomb a high-level meeting in Paris. The arrests came after a complex investigation by several European intelligence agencies and were announced by Belgium’s Minister of the Interior, Jan Jambon.

The operation against the alleged sleeper cell began on Saturday, June 30, when members of Belgium’s Special Forces Group stopped a Mercedes car in Brussels. The car was carrying a married Belgian couple of Iranian descent, named in media reports as Amir S., 38, and Nasimeh N., 33. According to the Belgian Ministry of the Interior, Nasimeh N. was found to be carrying 500 grams of triacetone triperoxide (TATP) explosive and a detonator inside a toiletries bag. On the following day, Sunday, July 1, German police arrested Assadollah A., an Iranian diplomat stationed in Iran’s embassy in Vienna, Austria. According to reports, the diplomat was driving a rental car in the southeastern German state of Bavaria, heading to Austria. On the same day, a fourth person, who has not been named, was arrested by authorities in France, reportedly in connection with the other three arrests.

The four detainees were in contact with each other and were allegedly working for the Iranian government. All four have been charged with an alleged foiled plot to bomb the annual conference of the National Council of Resistance of Iran (NCRI) that took place last Saturday, June 30, in a Paris suburb. The National Council of Resistance of Iran is a France-based umbrella group of Iranian dissidents, led by Mujahedin-e Khalq (MEK), a militant group that has roots in radical Islam and Marxism. Between 1970 and 1976, the group assassinated six American officials in Iran and in 1970 tried to kill the United States ambassador to the country. It initially supported the Islamic Revolution of 1979, but later withdrew its support, accusing the government of Ayatollah Khomeini of “fascism”. It continued its operations from exile, mainly from Iraq, where its armed members were trained by the Palestine Liberation Organization and other Arab leftist groups.

Until 2009, the European Union and the United States officially considered the MEK a terrorist organization. But the group’s sworn hatred of the government in Iran brought it close to Washington after the 2003 US invasion of Iraq. By 2006, the US military was openly collaborating with MEK forces in Iraq, and in 2012 the group was dropped from the US Department of State’s list of foreign terrorist organizations. Today the group enjoys open protection from the EU and the US. According to Belgian authorities, the four members of the Iranian sleeper cell were planning to bomb the MEK-sponsored NCRI meeting in Paris under instructions by the Iranian government. Conference participants included over 30 senior US officials, including US President Donald Trump’s personal lawyer, Rudy Giuliani, who addressed the meeting. Stephen Harper, Canada’s former prime minister, also spoke at the conference.

Speaking in Brussels this week, Belgium’s Interior Minister Jambon praised the country’s intelligence, security and law enforcement agencies for foiling the alleged bomb plot in Paris. But Mohammad Javad Zarif, Iran’s Minister of Foreign Affairs, dismissed claims of an Iranian sleeper cell as “fake news” and described reports of a foiled bomb attack as “a sinister false flag plot”.

Author: Joseph Fitsanakis | Date: 06 July 2018 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , , ,

Israel charges former cabinet minister with spying for Iran

June 19, 2018 by Leave a comment

Gonen SegevIsrael has charged Gonen Segev, who served as the Jewish state’s Minister of Energy and Infrastructure, with spying for its archenemy, Iran. Segev, 62, was reportedly detained last month during a trip to Equatorial Guinea following a request by Israeli officials. He was then extradited to Israel and arrested as soon as he arrived in Tel Aviv last month, according to a statement by the Shin Bet, Israel’s domestic security service. On Monday it emerged that Israeli authorities had imposed a gag order on the case, forbidding Israeli media from reporting any information about it. The order appears to have now been lifted.

In 1992, when he was 35, Segev was elected as one of the Knesset’s youngest members, representing the conservative Tzomet party. Initially an opposition Knesset member, Segev eventually left Tzomet and joined a governing coalition with the Labor Party, in which he served as Minister of Energy and Infrastructure. After exiting politics, Segev, who is a medical doctor by training, became a businessman and traveled frequently abroad. But in 2004 he was arrested on a flight from Holland, while reportedly trying to smuggle several thousand ecstasy pills into Israel. He was jailed for five years but was released from prison in 2007, after a commendation for good conduct. Shortly after his release, Segev moved to the Nigerian city of Abuja, where he practiced medicine. It was there, the Shin Bet claims, that he was recruited by Iranian intelligence.

In a statement released on Monday, the Shin Bet said that Segev had admitted being in regular contact with Iranian intelligence agents in Nigeria and other countries around the world. He is reported to have said that he was given a fake passport by his handlers, which he used to visit Iran on two separate occasions in order to hold secret meetings with Iranian intelligence officers. He also traveled to several other countries in order to meet with his Iranian handlers and hand them information about Israel’s energy sector and the location of energy-related security sites in the country. The Shin Bet statement added that Segev introduced his Iranian handlers —who posed as foreign businessmen— to Israeli security officials on several occasions.

It is believed that Segev appeared before a court in Jerusalem on Friday. He was charged with “assisting an enemy in wartime” and with “carrying out espionage against the State of Israel”. The judge also charged him with numerous instances of transmitting classified information to a foreign power.

Author: Joseph Fitsanakis | Date: 19 June 2018 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , ,

Israel has secretly worked with Emirates against Iran for decades, report alleges

June 12, 2018 by Leave a comment

Mohammed bin Rashid EmiratesA lengthy exposé by a leading American newsmagazine has claimed that Israel and the United Arab Emirates, two countries that officially have no relations, have been secretly collaborating for more than two decades. Their secret cooperation has been extremely tight and has included clandestine weapons sales and intelligence-sharing, according to the exposé, which was published on the website of The New Yorker on Monday and will feature in the magazine’s print edition on June 18. The lengthy piece, which deals with the changing geopolitics of the Middle East, is written by Adam Entous, national security correspondent for The Washington Post, who has previously reported for more than two decades for Reuters and The Wall Street Journal.

Officially, Israel and the UAE have never had bilateral relations. The Emirates, an Arab federal state ruled through an absolute monarchical system, does not recognize Israel as a country. Consequently, the two Middle Eastern states have no official diplomatic, economic or military relations. But in his lengthy article published on Monday, Entous claims that Israeli and Emirati officials have been meeting in secret for at least 24 years. He alleges that the first clandestine meeting between the two sides happened in 1994 in Washington, after Abu Dhabi sought to purchase a number of American-made F-16 fighter jets. The US warned the UAE that Israel would veto the deal, fearing that these fighter jets in the hands of Arabs may eventually be used against it. But Israel did not pose a veto. Motivated by the Oslo I Accord, which it had signed the previous year, the Israeli government of Prime Minister Yitzhak Rabin secretly reached out to the Emiratis and offered “to discuss the matter directly” with them.

The first series of meetings between the two sides took place “off the record […] in a nondescript office in Washington”, says Entous. Israeli and Emirati officials were diametrically at odds over the Palestinian issue, but were in almost complete agreement on the topic of Iran. Abu Dhabi saw Iran as a major threat to the stability of the Middle East, and so did Israel. Following the secret meetings, Israel lifted its objections to Washington’s sale of F-16s to the Emiratis. That, says Entous, helped “build a sense of trust” between the two Middle Eastern countries. By the end of the 1990s, there were allegedly regular secret meetings between Israeli and Emirati officials, which included the sharing of military, security and intelligence data.

Read more of this post

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , ,

Sweden grants citizenship to man accused by Iran of being a Mossad spy

February 19, 2018 by 1 Comment

Ahmadreza DjalaliThe government of Sweden has granted citizenship to an academic who is on death row in Iran for allegedly helping Israel kill Iranian nuclear scientists. Sweden’s Foreign Affairs Ministry confirmed on Saturday that Ahmadreza Djalali, who lives in Sweden and has lectured at Stockholm’s renowned Karolinska Institute, is now a Swedish citizen. IntelNews has covered extensively the case of Dr. Djalali, 45, a professor of disaster medicine who has also taught at the Vrije Universiteit Brussel (VUB) in the Belgian capital, as well as in the VUB’s European Master’s program in Disaster Medicine in Italy.

It is believed that Djalali was arrested in Iran in 2016, during a visit from Sweden, where he has been living for several years. He was sentenced to death last year for allegedly helping Israel assassinate nuclear scientists and sabotage Tehran’s nuclear program. Four Iranian physicists, who were employed in Iran’s nuclear program, are known to have been assassinated between 2010 and 2012. Most were killed by magnetic bombs that were placed on their vehicles by unknown assailants, who were then able to escape on motorcycles. Tehran believes that the assassinations were carried out by the Mossad, Israel’s external intelligence agency, with the help of agents recruited by the Israelis from within Iran’s nuclear program.

The office of Tehran’s public prosecutor claims that Djalali admitted holding “several meetings with the Mossad”, during which he allegedly “provided [the Mossad] with sensitive information about Iran’s military and nuclear installations”. The Iranians further claim that Djalali gave Israel the names and addresses of at least 30 senior members of the country’s nuclear program. The list included nuclear physicists, engineers, as well as intelligence and military officials with nuclear specializations. In return for supplying inside information, the Israelis allegedly helped Djalali secure permanent residency in Sweden and financed his move there. Iran claims that the information given to the Mossad by Djalali resulted in the assassination of at least one Iranian scientist. But in a letter written from prison in Iran, the jailed academic claims that he was sentenced to death after he refused to carry out espionage operations on behalf of the Iranian state.

A spokeswoman for Sweden’s Ministry of Foreign Affairs said on Saturday that the Swedish government was aware that Djalali had been granted citizenship by the country’s Migration Board. Consequently, the Ministry was in touch with Iranian authorities and had requested access to the jailed scientist, she said. She added that the Swedish government’s demand was that “the death penalty is not carried out” in the case of Djalali.

Author: Ian Allen | Date: 19 February 2018 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , ,

Iranian military official says West used lizards to spy on Iran’s nuclear program

February 16, 2018 by 2 Comments

Hassan FiruzabadiThe former chief of staff of Iran’s Armed Forces has said that foreign governments used different species of lizards, including chameleons, to spy on the Iranian nuclear program. The claim was made by Hassan Firuzabadi, a veteran Iranian military official, who from 1989 to 2016 served as the chief of staff of the Iranian Armed Forces —the most senior military post in the Islamic Republic. Since his retirement in 2016, Firuzabadi has served in a number of key consultancy roles and is currently a senior military advisor to Ayatollah Ali Khamenei, Iran’s reform-minded supreme leader.

On Tuesday, the Iranian Labor News Agency (ILNA), a pro-reformist news and analysis outlet, published a lengthy interview with Firuzabadi. The former military strongman was speaking in response to reports earlier this week that a prominent Iranian-Canadian environmental campaigner had died in prison, allegedly of suicide. Kavous Seyed Emami, 63, was a professor of sociology, director of the Persian Wildlife Heritage Foundation, and political activist. He was arrested with seven of his colleagues on January 24 and charged with espionage. On February 9, Emami’s family said that they had been informed by authorities of his death in prison, reportedly as a result of suicide. The news was later confirmed by Iran’s chief prosecutor. Emami’s family, as well as numerous environmental campaigners and activists, dispute the government’s claims of suicide as a cause of his death.

But in his interview published on ILNA’s website, Firuzabadi claimed that environmental activists with links to foreign countries have in the past been found to engage in espionage against the Islamic Republic. He told the news outlet that some years ago Iranian authorities arrested a group of foreigners who were visiting Iran to raise funds for Palestinian political prisoners. He added that among the foreigners’ possessions authorities found “a species of desert reptile, like a chameleon”, which puzzled them. Firuzabadi then said that, “following studies” on the lizards, Iranian authorities concluded that their skin “attracts atomic waves”. They therefore concluded that the foreigners were in fact “nuclear spies” who had entered Iran in order to “find out where [in the country] are uranium mines and where the government is engaged in nuclear-related activities”. Firuzabadi also said that many foreigners who are engaged in environmental activism “are not even aware of the fact that they are actually spying” on Iran.

But Western scientists and science reporters dismissed Firuzabadi’s claims as fantastical. On Tuesday, John Timmer, science editor for the United States-based technology and science website Ars Technica, called the Iranian military official’s claims “insane” and added that there was “no scientific evidence that reptiles […] are effective as Geiger counters”.

Author: Joseph Fitsanakis | Date: 16 February 2018 | Research credit: C.F. | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , ,

Iran upholds death sentence for man accused of helping Mossad kill scientists

October 25, 2017 by Leave a comment

Ahmadreza DjalaliA court in Iran has sentenced a prominent Iranian academic to death for allegedly helping Israel assassinate nuclear scientists and sabotage Tehran’s nuclear program. Four Iranian physicists, who were employed in Iran’s nuclear program, are known to have been assassinated between 2010 and 2012. Most were killed by magnetic bombs that were placed on their vehicles by unknown assailants, who were then able to escape on motorcycles. Tehran believes that the assassinations were carried out by the Mossad, Israel’s external intelligence agency, with the help of agents recruited by the Israelis from within Iran’s nuclear program.

On Tuesday, Iranian authorities revealed that one of these alleged Israeli agents has been sentenced to death following a secret trial. The office of Tehran’s public prosecutor did not name the alleged agent, but said that he admitted holding “several meetings with the Mossad”. During those meetings, the agent allegedly “provided [the Mossad] with sensitive information about Iran’s military and nuclear installations”, according to Iranian authorities. The Iranians claim that the agent, who is himself a physicist, gave Israel the names and addresses of at least 30 senior members of Tehran’s nuclear program. The list included nuclear physicists, engineers, as well as intelligence and military officials with nuclear specializations. In return for supplying inside information, the Israelis helped the alleged agent secure permanent residency in Sweden and financed his move there, according to the Iranian prosecutor’s office. Iran claims that the information given to the Mossad by the agent resulted in the assassination of at least one Iranian scientist.

In a statement published on Monday, the international human-rights pressure group Amnesty International identified the alleged Mossad agent as Ahmadreza Djalali, an expert in disaster medicine. Djalali’s name had been reported before in connection with a trial in Iran, but authorities in Tehran had not mentioned any connection between the accused and the assassination of Iranian nuclear scientists. Amnesty said that Djalali has taught and carried out research at several European universities, including the Universiteit Brussel in Brussels, lUniversity of Eastern Piedmont in northern Italy, and the Karolinska Institute in Stockholm, Sweden. It is believed that he was arrested in Iran in 2016, during a visit from Sweden, where he has been living for several years. Iranian media said that Djalali was sentenced to death on October 21, and must appeal by November 10 if he wants to challenge his death verdict.

Author: Ian Allen | Date: 25 October 2017 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , ,

Iranian state-backed cyber spies becoming increasingly skilled, says report

September 21, 2017 by Leave a comment

Computer hackingA group of cyber spies with close links to the Iranian government is becoming increasingly competent and adept, and could soon bring down entire computer networks, according to a leading cyber security firm. The California-based cyber security company FireEye said that it has been monitoring the operations of the mysterious group of cyber spies since 2013. The company, whose clients include Sony Pictures, JP Morgan Chase and Target, said that the Iranian group appears to be especially interested in gathering secrets from aviation, aerospace and petrochemical companies.

In a detailed report published on Wednesday, FireEye said that the Iranian group has a very narrow target focus. Moreover, it attacks its targets —which are typically companies— in highly customizable ways. The latter includes the use of cleverly designed phishing tools that are designed to attract the attention of the company’s unsuspecting employees. So far, companies that have been targeted include Saudi petrochemical conglomerates, American aviation firms, as well as South Korean and other Southeast Asian companies that have aviation or energy holdings, said FireEye. The security company said it had codenamed the group “APT33”, which stands for “Advanced Persistent Threat #33”. It also said that APT33 was clearly distinct from other known Iranian hacker groups, because of the sophistication of its operations and the quality of its cyber weapons. The cyber security firm said that APT33 was the first Iranian hacker group to be included on a select list of the most capable cyber spy groups from around the world.

Some experts believe that APT33 is run by Iran’s Revolutionary Guard Corps, an irregular branch of the Iranian military, which is seen by many as a state within a state in post-1979 Iran. The FireEye report does not appear conclusive on this point. However, it notes that APT33 has built an offensive cyber arsenal “with potential destructive capabilities”, but that it currently appears to focus solely on intelligence collection, not sabotage or warfare.

Author: Joseph Fitsanakis | Date: 21 September 2017 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , ,

CopyKittens cyber espionage group linked to Iranian state, says report

July 26, 2017 by Leave a comment

CopyKittensA cyber espionage group that has alarmed security researchers by its careful targeting of government agencies has links to the Iranian state, according to a new report. The existence of the group calling itself CopyKittens was first confirmed publicly in November of 2015. Since that time, forensic analyses of cyber attacks against various targets have indicated that the group has been active since at least early 2013. During that time, CopyKittens has carefully targeted agencies or officials working for Jordan, Saudi Arabia, Turkey, Israel, the United States, and Germany, among other countries. It has also targeted specific offices and officials working for the United Nations.

Throughout its existence, CopyKittens has alarmed cyber security researchers by its strategic focus on political targets belonging to governments. The group’s methods of operation do not resemble those of most other hacker groups, which are usually crude by comparison. Now a new report by two leading cyber security groups claims that CopyKittens is linked to the Iranian state. The report was published on Tuesday as a joint effort by Japan’s Trend Micro and Israel’s ClearSky firms. The report analyzes several operations by CopyKittens, some conducted as recently as last April. It concludes that CopyKittens is “an active cyber espionage actor whose primary focus [is] foreign espionage on strategic targets”. Additionally, the report suggests that the group operates using “Iranian government infrastructure”.

According to the Trend Micro/ClearSky report, CopyKittens tends to use relatively simple hacking techniques, such as fake social media profiles, attacks on websites, or emails that contain attachments that are infected with malicious codes. However, its members appear to be “very persistent” and usually achieve their goal “despite lacking technological sophistication”. The security report did not directly address the political ramifications of implicating the Iranian government in the CopyKittens’ hacking operations. The Reuters news agency contacted Iranian officials at the United Nations about the CopyKittens report, but they nobody was available for comment.

Author: Ian Allen| Date: 26 July 2017 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , ,

Older posts

Newer posts