On Wednesday, ZDNet mentioned that hacker with the net call Lab Dookhtegan leaked a fixed of hacking tools belonging to Iran’s espionage agencies, often diagnosed because of the APT34, Oilrig, or HelixKitten, on Telegram. The leaks began someplace inside the mid-March and blanketed touchy records, mostly such as usernames and passwords.

ZDNet was given aware about this hack while a Twitter consumer DMed them a number of the identical files that have been leaked on Telegram. Though this Twitter person claimed to have labored on the institution’s espionage marketing campaign, ZDNet believes that it’s also viable that he is a member of a foreign intelligence business enterprise seeking to cover their actual identity. ZDNet’s assumption is that the Twitter user may be the Telegram Lab Dookhtegan character.


The hacker leaked the supply code of six hacking tools: Glimpse, PoisonFrog, HyperShell, HighShell, Fox Panel, and Webmask. Many cyber-protection specialists along with Chronicle, Alphabet’s cyber-protection department, showed the authenticity of this equipment.

Along with this equipment, the hacker also leaked the content from numerous active backend panels, where sufferer information had been collected. Chronicle, Alphabet’s cyber-protection department, showed to ZDNet that the hacker has leaked data of 66 sufferers, particularly from countries within the Middle East. These statistics become accrued from each authorities companies and private businesses. The hacker additionally leaked facts from APT34’s beyond operations, sharing the IP addresses and domain names where the group hosted web shells and other operational facts.

Besides leaking the facts and supply code of the hacking tools, the hacker additionally made public personal data of the Iranian Ministry of Intelligence officials who had been involved with APT34 operations such as phone numbers, pics, and names.

The hacker admitted at the Telegram channel that he has destroyed the manipulate panels of APT34’s hacking equipment and wiped their servers smooth. So, now the Iranian espionage institution has no desire other than starting over. Going by the leaked documents, it seems that Dookhtegan additionally had some grudge in opposition to the Iranian Ministry of Intelligence, which he knew as “merciless,” “ruthless” and “criminal”.

Now, numerous cyber-protection companies are reading the leaked records. In an email to ZDNet, Brandon Levene, Head of Applied Intelligence at Chronicle, stated, “It’s in all likelihood this organization will regulate their toolset that allows you to preserve operational fame. There may be a few copycat activities derived from the leaked gear, however, it’s miles unlikely to look full-size use.”

Leave a comment

Your email address will not be published. Required fields are marked *