Threat Intelligence

Iranian-backed hackers linked to Los Angeles transit system breach

According to TechCrunch, security researchers have linked a March breach of the Los Angeles transit system to Iranian-backed hackers. An Israeli startup, Gambit Security, stated in a report that the group responsible for the attack works for Iran’s Ministry of Intelligence and State Security (MOIS).

The hacktivist group Ababil of Minab initially claimed responsibility for the breach, stating they had stolen and subsequently deleted data from the Los Angeles County Metropolitan Transportation Authority (LACMTA) systems. Gambit Security, however, asserts that Ababil of Minab is not an independent hacktivist crew but rather a front for the MOIS. Their assessment is based on forensic evidence connecting the group to previous Iran-linked campaigns and activity attributed to the MOIS by the Israel National Cyber Directorate. Gambit also reported investigating other attacks against companies in Israel, Saudi Arabia, and Turkey.

If Gambit's findings are accurate, Ababil of Minab represents another instance of fake hacktivist groups operating on behalf of the Iranian government, similar to the Handala group that recently targeted U.S. medical tech giant Stryker. This follows a broader trend of increased Iranian-linked hacking activities, particularly after U.S. and Israeli military actions against Iran earlier this year, prompting warnings from U.S. agencies about Iranian hackers targeting American critical infrastructure.

Source: TechCrunch

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds