Cybersecurity experts are warning that Iran is preparing cyber attacks against mobile device users. Ransomware and malware attacks are expected to target mobile Android-based devices. Users should be especially cautious toward unofficial markets that offer Android apps.

Accenture iDefense wrote in a recent cyber threat report that its intelligence team has measured a “significant uptick” in cyber attack campaigns launched from Iran. The report, titled “Cyber Threatscape Report 2018,” expects these attacks to increase in frequency into 2019.

Both state actors and Iranian hacktivists seem to favor attacking apps that are unverified by the Google app store. These attacks seek to plant malware into mobile devices. Buyers should also be forewarned that Iranian hackers are working to plant malicious code into verified apps at the Google store, Accenture wrote.

The cybersecurity company is tracking an Iranian gang called Pipefish. This group is attacking organizations in the Middle East for espionage purposes. The attack could target Israel, Saudi Arabia, Bahrain, and other countries that supported the US and its decision to cancel the controversial Iran nuclear accord.

Pipefish has developed a toolbox that exploits machines to carry out remote execution commands. The gang has apparently used a crypto-jacking exploit that has already shut down or disrupted Middle East pipelines and facilities.

Ransomware, though, appears to be the tool of choice from Iran, Accenture wrote. The Islamic Revolutionary Guard is the main actor in the use of ransomware.

According to the cybersecurity analysis, the ransomware attackers will demand crypto ransoms – payment in Bitcoin. One ransomware called “Black Ruby” scrambles and encrypts files and demands $650 in crypto-coin BTC.

The impetus behind this latest cyberwarfare appears to be that the Iranian mullahs and the country’s criminal class are angry that the United States is clamping sanctions on the country again. The sanctions will hit Iran hard in its wallet. Thus, Iranian state actors and the criminal element will use cyberattacks to steal cash.

People who download Android apps, especially from unapproved sources, should exercise extreme caution. Cybersecurity experts are warning that the Iranians are on the prowl, looking for ways to snatch cash from Android users.