In September 2020, it had been described that Iran's RampantKitten espionage team ran a phishing and surveillance marketing campaign towards dissidents on Telegram.[362] The attack relied on people downloading a malware-infected file from any supply, at which point it might exchange Telegram files about the gadget and 'clone' session https://www.telegramkko.com/
