In September 2020, it was described that Iran's RampantKitten espionage group ran a phishing and surveillance campaign in opposition to dissidents on Telegram.[362] The assault relied on persons downloading a malware-contaminated file from any supply, at which level it would switch Telegram information over the device and 'clone' session https://www.telegramkko.com/
