European authorities have taken action to shut down a cyber espionage operation linked to Iran’s powerful Revolutionary Guard in the first operation of its kind since Tehran signed a nuclear treaty, according to security researchers who located computers used to launch attacks.
The hacker group – dubbed “Rocket Kitten” by security experts who have been hunting the hacker group since early 2014 – has mounted cyber attacks on high-profile political and defense figures globally since that time.
The action is likely to hamper Tehran’s efforts to gather sensitive intelligence from rivals including Saudi Arabia, Israel, Turkey, the United States and Venezuela, which were among the nations targeted.
Researchers from US-Israeli security firm Check Point Software said the 1,600 high-profile targets include members of the Saudi royal family, Israeli nuclear scientists, NATO officials and Iranian dissidents and even the wives of high-ranking generals from unnamed countries.
The company said it had informed national computer security response teams in Britain, Germany and the Netherlands, who in turn alerted police in those countries to the locations of “command and control” servers used to mount attacks controlled from Iran.
Europol, the FBI and Israel’s internal security service Shin Bet declined immediate comment.
The actions come as US President Barack Obama and Israel’s Prime Minister Benjamin Netanyahu prepare to meet on Monday for the first time since the Israeli leader lost his battle against the Iran nuclear deal and security issues top the agenda.
Check Point plans to issue a report later on Monday. According to an advance copy obtained by Reuters, the report details how its experts burrowed inside the hacker group’s database, giving them a map of malicious software tools and remote-controlled computers used by the group.