Hacker Group “MuddyWater” uses Microsoft Teams to Steal Credentials
Days ago, the security company Rapid 7 announced on their website that the group MuddyWater has carried out a new ransomware attack. The MOIS aligned threat actor group, MuddyWater, which has been active since around 2018, has carried out a…
Pendar Kooshk Imen (PKI) Hacked
We have received information showing that Pendar Kooshk Imen Company has been hacked by an unknown group, resulting in a breach of the company’s supposedly secure communications with the national banking sector. This intrusion means that this seemingly new group…
Class-Based Internet in Iran and the Rollout of the New “Pro Internet” Plan
Historically, the Islamic Republic has repeatedly used internet shutdowns as a tool to suppress and censor its people. “White SIM cards” in Iran are a compelling example of how the regime uses this as a tool. White SIM cards (SIM…
Prana Network: We Hacked Two IRGC Front Companies
This morning, ICNA received an e-mail that appears to have been sent from a compromised e-mail server belonging to the company “Golden Globe”. In the email the hacking group Prana Network claims that, in addition to hacking Golden Globe, it…
A new hacking group, “Ababil of Minab”, has entered the cyber arena
A new pro-Iranian hacking group has emerged called Ababil of Minab. Ababil of Minab has named itself after the missile attack on Shajareh Tayyebeh school in Minab, Hormuzgan province in Southern Iran which occured on the 28 February resulting in…
Continuation of Iran’s war on the cyber battlefield
Whilst the conflict between the US/Israel coalition and Iran continues, Iran’s regime has intensified its effors in the cyber war. The hacking group Handala which emerged shortly after the Hamas attacks on Israel on 7 October and who previously claimed…
Significant cyber attack on Stryker Inc.
The Handala hacking group, affiliated with the Ministry of Intelligence and Security, have announced that they have carried out a “unique cyber operation” against the US medical equipment company Stryker. In a statement the group called the attack a retaliation…
Cyber campaign “Red Kitten” targets human rights activists and NGOs
“Red Kitten” is an advanced persistent threat group affiliated with the Islamic Revolutionary Guard Corps (IRGC), which started its activities in January 2026, during the country-wide protests. It appears that the group has conducted a campaign targeting NGOs and human…
What you should do during an internet outage
For years, the government has had a history of using the limiting of internet access as a tool for censorship and oppression against the Iranian people. Therefore, the aim of this report is to provide guidance on how to counter…
Iranian hacking group carries out cyber operations against 2 Swedish companies
Swedish news outlet ‘Dagens Nyheter’ have published an article stating that hacker networks connected to the Islamic Republic of Iran Intelligence Services, in Spring this year, exploited 2 Swedish software companies and their trade infrastructure to carry out covert cyber…