Phishing Links Target Iranian Protesters: How Attackers Exploited WhatsApp to Steal Sensitive Data
A phishing attack exploiting WhatsApp to steal credentials and spy on Iranian protesters left a server exposed, revealing 850 victims—including a Lebanese minister and U.S. academics—highlighting the blurred line between state surveillance and cybercrime.
Nariman Gharib, a U.K.-based Iranian activist, received a phishing link via WhatsApp targeting Iran-related protesters.
Analysis of the phishing page code confirmed that it aimed to steal Gmail credentials, WhatsApp accounts, and device media (location, audio, photos).
Over 850 victim records were exposed on the attacker’s server, including academics, a senior Lebanese minister, and a U.S. academic.
The campaign used DuckDNS for obfuscation and `alex-fabow.online` as the phishing domain.
Security researcher Runa Sandvik confirmed the page exploited browser APIs for location tracking and media access. Sandvik said:
"This drives home the point that clicking on unsolicited WhatsApp links... is a high-risk, unsafe practice."
Gary Miller linked the attack to Iran’s Islamic Revolutionary Guard Corps (IRGC) due to its espionage-like targeting and techniques.
The exposed server data underscores how cybercriminals and state actors increasingly converge in exploiting social media platforms for surveillance and credential theft.