The Irani State-sponsored Hackers "Infy Group" Attacks Against Anyone Is in Contact With Protesters.

Following the mass demonstration in Iran, the state-sponsored hackers are targeting victims with spear-phishing messages that are continually refined and improved. 

According to the experts Palo Alto Network, the Infy group is last since 2007, its malware is involved in attacks in the country and abroad.

The Infy name malware is based on a string used by the VXers in filenames and command and control (C&C) folder names and strings. The malware was first submitted to VirusTotal in August 2007, the command and control domain used by the sample spotted by the researcher that has been associated with malicious campaign back in December 2004.