pfox2Recently in cyberspace and market software market such as Persian Telegram published a little different with the original telegram. Most Iranians are fearful of using the Persian Fox since the government monitors and surveils their every move. The preference is for the real Telegram to be used although, the Iranians sites there are infiltrated with Basij members who report on the comments of everyday Iranians as well as hackers. Attempts by Basij (the Iranian government) and other pro-gov organizations to penetrate and hack Telegram is underway.

There are a couple of files of interest:

  • persianfox.messenger.permission.C2D_MESSAGE
  • persianfox.messenger.permission.MAPS_RECEIVE

The access requirements are much different from the original Telegram, and the developer has not provided any explanation about the reason for this access. The features provide the programmer and anyone associated with the company who wrote the software, access to all your Telegram Farsi messages as well as the ability to enable your GPS and determine your location. That is just the beginning.  Below are the access requirements:

 

  • permission.USE_FINGERPRINTpfox3
  • Run at startup
  • Read phone state and identity
  • Draw over other apps
  • Shake control
  • Create accounts and set passwords
  • Read sync settings
  • Toggle sync on and off
  • Read your own contact card
  • Add or remove accounts
  • Modify your contacts
  • Read your contacts
  • Find accounts on the device
  • Read memory cards
  • Change or delete SD card contents
  • Prevent the device from going to sleep
  • Receive text messages (SMS)
  • View Wi-Fi connections
  • View network connections
  • voice recording
  • Full Internet access
  • Precise location (GPS and network-based)
  • Approximate location (network-based)
  • Web service access platform
  • persianfox.messenger.permission.C2D_MESSAGE
  • persianfox.messenger.permission.MAPS_RECEIVE
  • Get information from the Internet

pfox1This looks to be developed to the specifications of the Iranian government enabling them to track every bit and byte put forward by users of the app.  Persianfox is apropos. Remember the requirements from Gerdab.ir https://cybershafarat.com/2015/09/07/gerdab-ir-oppress-your-people-basij-turn-on-your-own-the-new-savak-pasdaran-and-basij-rules-of-oppression-reporting/

The full download my before at the Iranian online store Cafebazaar: https://cafebazaar.ir/app/ir.persianfox.messenger/?l=fa or you may download bazaar. Or you may acquire the APK below as provided by Treadstone 71:

ir.persianfox.messenger_721.fl (zip file – run at your own risk- in a lab environment preferably)

The source code may be found at github: https://github.com/mokhtarabadi/Telegram-Farsi

There are some interesting leads to follow here as well (happy hunting):

Treadstone 71

Learn more about Treadstone 71 and the new Cyber Intelligence Tradecraft Certification at

https://cybershafarat.com/2016/01/11/t71/ and http://www.treadstone71.com/images/FIles/CyberIntelTradecraftCertification.pdf

 

Fox Porn