In September 2020, it was noted that Iran's RampantKitten espionage group ran a phishing and surveillance marketing campaign versus dissidents on Telegram.[362] The attack relied on people downloading a malware-infected file from any resource, at which place it would replace Telegram documents around the device and 'clone' session knowledge.Telegra