
Mysterious Hackers Breach Iranian Cyber-Espionage Group

A mysterious group of hackers has revealed details about the inner workings of a well-known Iranian cyber-espionage group, known in the security community mostly as APT34.

Knowledge of APT34’s activities came to the fore some two years ago when U.S.-based cyber researchers began tracking hacks emanating from Iran. According to the best estimates, APT34 has been active since at least 2014.

Using the online name Lab Dookhtegan, the vigilante hackers used a Telegram channel to dump information about APT34’s infrastructure, hacking tools, and members, as well as the group’s targets.

Details of the information revealed are still under speculation. Reportedly, the data is under review by prominent cyber firms from the private sector such as Alphabet’s Chronicle. The exact nature of the information leak aside, the very fact that APT34 was successfully hacked is important for more big-picture reasons.

For one, APT34 is an arm of the Iranian government, not just some punks in a garage in Tehran. The fact that the group could be penetrated undermines the regime’s data security, and could also lead to some telling revelations about the regime’s espionage tradecraft. This would be an important win for Iran’s adversaries, considering the rise over the past year in the threat of the regime’s hackers targeting Western infrastructure.

As for the identity of the so-called Lab Dookhtegan group that breached APT34, experts are still guessing. One theory is that opponents of the Iranian regime are behind the leak, perhaps Iranian opposition movements in exile, of which there are a few.

Samuel Siskind

Samuel Siskind studied intelligence research at the American Military University in West Virginia. He served as a squad commander in the Israeli Defense Force (IDF) Corps of Combat Engineers, in the Corps' ground battalions and later in its Intelligence Wing at regional and divisional stations. For the past five years, Samuel has worked as a consultant and researcher on physical and information security issues for private and governmental institutions in the US, Africa, India, and Israel. He currently lives in Jerusalem.
