FBI Alerts on Iranian Malware Campaign via Telegram Targeting Dissidents

FBI Alerts on Iranian Malware Campaign via Telegram Targeting Dissidents

First seen 21 Mar 2026, 00:42 UTC IranintlAa.TrSecurityaffairs.CoBleepingcomputerTechcrunch+5 88% similarity 77.0

Article Content

Browse articles
ThreatCluster

The FBI has issued a warning regarding Iranian cyber actors deploying malware through the Telegram messaging app to target dissidents, journalists, and opposition figures globally. This operation, attributed to Iran's Ministry of Intelligence and Security (MOIS), utilizes Telegram as a command-and-control system to infiltrate devices, steal data, and conduct 'hack-and-leak' operations aimed at damaging reputations. The campaign has been active since at least 2023 and employs social engineering tactics to trick victims into downloading malicious files disguised as legitimate applications. The FBI's alert comes amid heightened geopolitical tensions following recent US strikes in Iran. Users are advised to exercise caution with unsolicited communications, keep software updated, and report suspicious activities. Iran has not responded to these allegations.

Key Points: • Iranian cyber actors are using Telegram to deploy malware against global dissidents. • The campaign has been active since at least 2023, utilizing social engineering tactics. • The FBI has issued an alert urging users to take protective measures against the malware.

ThreatCluster AI

Timeline

2023-01-01
Iranian malware campaign via Telegram reportedly began.
2026-03-20
FBI issues alert regarding Iranian cyber operations.

Community

Browse all →