Investigators have spotted a server located near Haarlem that is probably used for Iranian espionage. That report the radio program Argos and the security company Bitdefender.
The server is used by the Iranian regime to spy on political opponents, says Rik Delhaas of Argos on NPO Radio 1. The program found the server after a tip from an Iranian man who lives in the Netherlands and received a file from an Iranian dissident via the chat app Telegram. “Fortunately, he did not open it and so his computer was not infected,” said Delhaas.
The file has been investigated by Bitdefender and it appears that Tehran in Iran and countries such as the Netherlands, Germany, Sweden and India is trying to penetrate computers and phones. The software has previously been linked to the regime in Iran by security experts.
The server found is a so-called command and control-server. They are used by malware distributors to control infected computers, and to steal information, for example.
Research into internet traffic by a cyber security expert shows that the server found is very likely located in the vicinity of Haarlem. The American company that rents the servers has after a report of Argos the cooperation with the party behind this server immediately stopped.
Discovered late last year Argos and Bitdefender in the Netherlands already had a server that would have been used to compromise devices.