Resource Data

Hackers hit Iranian airline Mahan, claim theft of confidential data

One of Iran’s largest private airlines, Mahan Air, announced a cybersecurity incident that led to its website going offline and potentially data loss.

As the company announced on Twitter, dealing with hacker attacks is nothing out of the ordinary for them, so even if damage has been done, flight schedules will not be affected.

As such, even though people cannot access Mahan’s website, all international and domestic flights operate as usual with no changes or delays.

Additionally, the company claims the attack was successfully foiled in a short time, downplaying its importance and ignoring any real impact.

“Following the announcement of the cyberattack on Mahan Airlines systems, it is reported that due to the position of Mahan Airlines in the country’s aviation industry, such attacks have been carried out against this company on several occasions and at different times, so that they can be damaged, “read the tweet translated by Mahan Airlines.

“This is considered a normal occurrence and Mahan’s cybersecurity team has always acted smart and in a timely manner and foiled these attacks. to the previous schedule. “

Mahan's Twitter Ads
Mahan’s Twitter Ads
Source: Twitter

Target a sanctioned entity

Mahan Air was added to the US sanctions list in 2011 for supporting members of the Iranian Islamic Revolutionary Guard Corps (IRGC).

In 2019, the US Treasury issued a statement on the operations of Mahan Air, detailing the following:

“Mahan Air transported IRGC-QF officers, weapons, equipment and funds overseas in support of IRGC-QF regional operations, and also moved weapons and personnel to Hezbollah. “

“Since the start of the Syrian civil war, Mahan Air has regularly sent fighters and equipment to Syria to support the Assad regime, which has contributed to mass atrocities and the displacement of civilians.

Although Mahan’s operations clash with US strategic interests, which led to real military action in July 2020, the hackers responsible for the most recent incident do not appear to be Americans. q

The actor who took responsibility for the cyber attack on Mahan Air is “Hooshyarane Vatan”, who sees the IRGC as their enemy and says they are fighting for the rights of the Ahwaz minority (Iranian Arab minority).

The hackers claim to have stolen confidential documents exposing how Mahair Air worked with the IRGC and threatened to publish the names, numbers and evidence of Mahan’s activities.

“The hack of Mahan Airlines is the first step in a program to stop the looting and encroachment by corrupt bodies on the city and residents of Ahvaz and Khuzestan. With the confidential documents we obtained from the internal network of Mahan Airlines, we will prove our allegation of Mahan’s complicity in the IRGC’s criminal activities, and we will also show that the Quds force is plundering the money and resources of the people and the country of Iran among the insurgent groups ”, reads -on in a translated text of suspected hackers.

“And the foreign militia is wasting money and at the same time using the same oppressed people as cover for the air transport of weapons, equipment and ammunition.”

Hacker takes responsibility for hacking Mahan
Hackers take responsibility for hacking Mahan

As the actors wrote on their Telegram channel, they have evidence that the airline hides military cargoes on civilian flights to protect them from attack.

Tensions between Iran and the Western world

Over the past week, there has been a crescendo of reports of Iranian hackers targeting US, Israeli and European entities. At the same time, Microsoft released a report identifying six separate Iranian hacking groups that appear to be state sponsored.

This report culminated with the indictment of two Iranian cyber-actors who attempted to influence American voters between September and November 2020, promoting false information in “Proud Boys” garb.

The two identified actors reportedly worked for a cybersecurity company that provided services to the Iranian government.