Security company Bitdefender and radio program Argos identified a server in a data center near Haarlem that they believe is being used by Iran to spy on political opponents, Rik Delhaas of Argos said to NOS.
The program tracked the server down after a tip from an Iranian man living in the Netherlands, and thanks to a file received by an Iranian dissident on chat app Telegram. “Fortunately he did not open it and his computer was not infected,” Delhaas said.
Argos asked Bitdefender to investigate the file. The security company discovered that the Iranian regime was trying to break into computers and phones in countries like the Netherlands, Germany, Sweden and India, according to Argos. The software used was previously linked to the Iranian regime by security experts.
The server involved is a command and control server. People who spread malware use these types of servers to control infected computers, to steal data for example, according to NOS. Based on internet traffic, Bitdefender traced the server to the vicinity of Haarlem.
The American company that rents the servers immediately stopped cooperation with the party behind this server, after Argos informed it of their findings.