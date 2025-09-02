Threat Intelligence, Critical Infrastructure Security
Iranian shipping fleet compromised by Lab Dookhtegan hacking operation
U.S.-sanctioned Iranian maritime firms National Iranian Oil Tanker Company and Iran Shipping Lines had at least 64 tanker and cargo ships' communications breached by anti-Iranian hacking operation Lab Dookhtegan last month, Security Affairs reports. After achieving initial compromise of Iranian satellite communications firm Fannava in March, Lab Dookhtegan proceeded to map the country's fleet modem, deactivate the Falcon communications system, and overwrite half a dozen storage partitions, while erasing logs, recovery data, and configurations, according to a report from the Nariman Gharib blog. "They've been sitting inside Irans maritime network for five months straight. They had persistent access this entire time, could flip systems on and off whenever they wanted, and probably monitored every communication going through," said Nariman Gharib. Such an attack, which follows the threat group's disruption of 116 ships in March, comes amid recent sanctions imposed by the U.S. on Iranian oil.
