Login
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

4 new Android spyware samples linked to Iran's intel agency

IRAN, JUL 21 – MuddyWater spyware collects WhatsApp, call logs, and location data by disguising as VPN and Starlink apps amid internet blackouts, targeting activists and dissidents, Lookout says.

Summary by The Register
: Persians added snooping capabilities to DCHSpy after Israeli bombs fell

8 Articles

The RegisterThe Register
Center

4 new Android spyware samples linked to Iran's intel agency

: Persians added snooping capabilities to DCHSpy after Israeli bombs fell

Read Full Article
PC MagPC Mag
Lean Left

Spyware Uses Starlink Name to Trick Iranians Desperate for Unfiltered Internet

DCHSpy appears to be the creation of an Iranian state-sponsored hacking group known as MuddyWater, according to the cybersecurity vendor Lookout.

·United States
Read Full Article
The Cyber Shafarat - Treadstone 71The Cyber Shafarat - Treadstone 71

DCHSpy– Iran’s MuddyWater Deploys New Android Spyware via Fake VPN Apps

In late June 2025, about a week after Israeli airstrikes struck Iran’s nuclear facilities, cybersecurity researchers uncovered a stealthy new threat on Iranian dissidents’ Android phones. Four new samples of the espionage malware known as DCHSpy have surfaced, disguised as innocuous VPN apps named Earth VPN and Comodo VPN. One tainted app even carried “Starlink” […]

Read Full Article
digitalmarketreports.comdigitalmarketreports.com

Spyware Exploits Starlink Name to Deceive Iranians Seeking Unfiltered Internet

Cybersecurity firm Lookout has identified an Android-based spyware program impersonating the Starlink brand to trick internet users in Iran into installing malicious software. Spyware Linked to Iranian State-Sponsored Group MuddyWater The spyware, known as DCHSpy, is linked to MuddyWater, an Iranian state-sponsored hacking group connected to Iran’s Ministry of Intelligence and Security. The malware can steal call logs, SMS messages, location dat…

Read Full Article
Iran News UpdateIran News Update

Iran’s Expanding Digital Repression: From Domestic Surveillance to Global Cyber Threats - Iran News Update

Regime-backed spyware, phishing campaigns, and advanced surveillance networks target activists at home and abroad The Iranian regime’s digital repression has grown into a transnational threat, targeting not only dissidents inside Iran but also political opponents, journalists, and academics across borders. Employing sophisticated surveillance tools and offensive cyber tactics, the regime is waging a digital war on free expression, privacy, and d…

Read Full Article
The Hacker NewsThe Hacker News

Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents

Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security (MOIS) and have been distributed to targets by masquerading as VPN apps and Starlink, a satellite internet connection service offered by SpaceX. Mobile security vendor Lookout said it discovered four samples of a surveillanceware tool it tracks

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 50% of the sources lean Left, 50% of the sources are Center
50% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

PC Mag broke the news in United States on Monday, July 21, 2025.
Sources are mostly out of (0)

Similar News Topics

Android icon

Android

Airstrike icon

Airstrike

Internet icon

Internet

Iran icon

Iran

News
For You
SearchBlindspotLocal