Iran’s cyber advancements have been fast and sudden. Within the last few years, Iran has managed to build it's cyber capabilities to rival the United States, China, Russia, the United Kingdom, and Israel. The size and sophistication of the nation’s hacking capabilities have grown markedly over the last few years, and Iran has already penetrated well-defended networks in the US and Saudi Arabia and seized and destroyed sensitive data. Without any doubt they have become a major player in the realm of cyberspace. This achievement is due to the government's investment in the many devoted national teams and their members. In late-2011, Iran invested at least $1 billion dollars in cyber technology, infrastructure, and expertise. In March 2012, the IRGC -the elite Iranian Revolutionary Guard Corps- claimed it had recruited around 120,000 personnel over the past three years to combat “a soft cyber war against Iran.” In early-2013, an IRGC General publically claimed Iran had the “fourth biggest cyber power among the world’s cyber armies.” The latter claim has been substantiated by an Israel-based think tank, the Institute for National Security Studies.
The inexpensive nature of computers and the wealth of eager students who are easily trainable in the arts of cyber-warfare have increased Iran's cyber capabilities. Iran uses the inexpensive methods of training and collaborating with proxies in the art of cyber-war. There are many teams that sponsor forums for training and collaboration. Even though some teams are at odds with each other, the forums are all welcoming and filled with knowledge to start learning or to gain new skills in the many necessary arts. Every team is different and some are definitely more sophisticated then others, Ashiyane is at the top of the list of Iranian hacking teams. Other notable teams are Black Hat Group, Black Hackers, Turk Black Hat, Danger Team, IDC Team, and Irsecteam. Most collaboration on the forums are done with teams that have established alliances but now there is something new occurring. Facebook hacking groups have been gaining traction and many members of the teams that were previously not collaborating are now speaking and sharing their knowledge. One group is the Kheshtak Security Team with its 334 members.
Kheshtak Security Team has been evolving with its many different administrators over the years. The current administrators are Hesam Bazvand and Meqdad Mohamadi, with their efforts it has become something new. The evolution on the group has created a network of great minds collaborating together and using the group as a tool to communicate both in public and private. Over the foreseeable future, I will be writing about the different members and sharing some information on them. Many of them are very intelligent capable individuals that excel in their fields. Collectively they have accomplished a surprising amount for such a small unnoticed group.
Over the course of a year Hesam Bazvand has become the administrator of the group and he is currently affiliated with the Turk Black Hat team. His most recent public contributions to have been: ECportal FCKeditor Arbitrary File Upload Vulnerability and Netsparker 2.3.X - Remote Code Execution Exploit. He is often publicly thanked on many of the reported exploits, regardless of the team affiliation.
Meqdad Mohamadi, like his fellow administrator, has quickly became the admin within a year. He was added by Reza Darkcoder -Mohammad Reza Espargham- the administrator of the Iranian Dark Coder Team. Meqdad is currently a member of Ashiyane using the moniker M3QD4D, he was previously affiliated with Emperor Team. He is a very skilled hacker with 1,018 notifications to the Zone-h. Just three of the Kheshtak's group members control three very dominate teams collectively responsible for tens of thousands of hacks and defacement.
Amir Moosavi is the founder and administrator of the Iranian Exploiting Database and the IEDB Security Team forum. He goes by the moniker Amir and has monikers of IrIsT and IEDB. He openly posts on many of the different team forums but he is most closely affiliated with Turk Black Hat. He has and continues to work on many projects with them.
Reza Darkcoder full name Mohammad Reza Espargham is the administrator for the Iranian Dark Coder Team. He goes by the moniker Mrsc0 and his team is responsible for 4,322 notifications on Zone-H alone. The team forum is light on posts of substance but the teams skill are very noteworthy. He also runs a small blog under his hacker moniker in what little share time he has between his government full time job and his after hours hacking.
Dariush NasirPour is the co-founder and administrator for Black Hat Group. He goes by the moniker net.edit0r and is A Cyber Security researcher at Imam Ali University soft research. He currently is focused on Malware Analysis, Penetration Testing, and Linux & Windows Server Security Testing. In his own words “The group aims collecting Iranian geniuses in network security and Cyber security researching and forming a unit of researching in Cyber security.” With that goal, his team has had 2,779 notifications on Zone-H. The Black Hat Group forum is filled with lots of good material from tutorials to custom tools as well as members that are always ready to help.
Mohammad Jorjandi is the registered agent, founder and CEO for webamooz.ir, a leading cyber security learning site that offers many different paid courses. Some of the different curriculum’s offered are network plus certification, Python for ethical hackers, CCNA, offensive security, penetration testing, and Windows/Linus administration. His courses are both on-demand and live instruction, they also come with different levels of certification. I imagine with time they will become the equivalent of a SANS certification in Iran. His biggest contribution to the Iranian hacking community was Shabgard.ir, a leading security forum that had hundreds of thousand's of posts by tens of thousands of users. It was the best source of free learning material on the net for the Iranian community. He brought down the site but he is still active in the different communities. He is very knowledgeable and has always been someone that you can talk to. One of his monikers is S7Az2Mm, you can follow him on twitter at https://twitter.com/s7az2mm and review his Linkedin profile.
These few members are leaders in Iranian cyber community directly influences the technological growth of thousands. They help with an open hearts, never asking for anything besides eager minds. They are highly respected individuals that have accomplished more in their short lives than most will in their entire careers. They have grown up in the Iranian digital age, driven by passion and a national pride. Personally speaking, I only ask to learn from people that I respect. Tens of thousands of people are eager to learn from these men. They mentor and guide their members, answering any questions, helping with most goals. I do not know where they get the time to do everything that they do. I could only hope to learn a fraction of what they are collectively capable of. Their are constantly thanked on many pages, posts, forums, blogs and defacements. Their work is respected, their tools are distributed, and their guidance is always welcome. With their differences, they are working together to accomplish shared goals.