New leaks of Iranian cyber-espionage operations hit Telegram and the Dark Web
For the second time in three weeks, leaked data exposes Iranian hacking operations. Last month, a mysterious actor using the moniker Lab Dookhtegan leaked information on the state-backed Iranian hacking group APT34 (aka OilRig, HelixKitten) through a Telegram channel. Now, a group using the name Green Leakers has leaked information on the cyber-espionage operations of the Iranian MuddyWater hacking group and a second, previously unknown Iranian threat actor referred to as the Rana Institute.
Security researchers have verified the authenticity of the leaked data, which includes images of source code, command and control server backends and targeted victims.