News Report | Digital Security Warning: Start of Targeted Cyber Attacks Against Activists Abroad Under the Cover of Fake Security Emails
In recent days, the Islamic Republic of Iran has launched a new wave of targeted cyber attacks against political and civil activists abroad through email services. These attacks are carried out using advanced social engineering and the impersonation of official security institutions.
According to investigations, an email with a completely official appearance, using the symbol and name attributed to “Faraja Intelligence”, has been sent to activists abroad. The email is designed to look as though it was sent by “mistake” and to appear to contain confidential information. All security and government institutions are placed in the CC field to increase the apparent credibility of the message.
In this email, an installable file titled “IranGuard” is attached. In the descriptions provided within the email content and the attached page, it is claimed that this file is an emergency communication tool for the exchange of confidential circulars and orders among security forces. It is also emphasized that this tool is used as a secure and reliable option during conditions of “severe internet restrictions or network disruption.”
Based on the information in the attached image:
“IranGuard” is introduced as a special application for Android and personal computers (Windows/Laptop).
It is claimed that there is no version for iOS (iPhone and iPad).
In the “Emergency Status” section, direct download links for Windows and Android phones are provided, and it is emphasized that the execution of the file's commands is “immediate and mandatory.”
Warning from Kurdpa Digital Security Experts
After a technical review of this email and its attached file, the experts of the “Kurdpa” digital security unit have announced that the file known as “IranGuard” is highly destructive malware designed to gain full access to the victim's mobile phone or computer. This malware can lead to:
Unauthorized access to personal information,
Eavesdropping on communications,
Device control,
And the collection of sensitive data.
Experts emphasize that this attack is part of a targeted and planned operation against activists abroad, not a communication error or a real internal email.
Security Recommendation
It is decisively stated:
Under no circumstances open this email.
Refrain from downloading or executing any file titled “IranGuard.”
If you receive such an email, immediately contact the Kurdpa digital security team and report the matter.
This warning is published with the aim of preventing serious security damage and protecting activists against cyber threats.