\n<\/p>\n
Security researchers say a March breach<\/a> of the Los Angeles transit system (Los Angeles County Metropolitan Transportation Authority, or LACMTA) was the work of Iranian-backed hackers. Israeli startup Gambit Security said in a report<\/a> on Tuesday that the hackers work for Iran\u2019s Ministry of Intelligence and State Security (MOIS).\u00a0<\/p>\n Reuters first wrote<\/a> about the Gambit report.\u00a0<\/p>\n A hacktivist group calling itself Ababil of Minab claimed responsibility<\/a> for the earlier hack, saying they stole, then deleted data from the LACMTA\u2019s systems. The group\u2019s name is a reference to the U.S. air strike on an Iranian school<\/a> in the city of Minab that killed more than 175 people, mostly children.\u00a0<\/p>\n \u201cThey are not a new, standalone hacktivist crew as they claim,\u201d said Gambit. <\/p>\n Ababil of Minab did not respond to a request for comment when contacted by TechCrunch.<\/p>\n Gambit said its claims are based on forensic evidence that ties the group to a previous Iran-linked campaign, as well as activity attributed to the MOIS by Israel National Cyber Directorate. Gambit said it investigated other attacks against companies in Israel, Saudi Arabia, and Turkey.<\/p>\n \t\t\tDo you have more information about Ababil of Minab or other Iran-linked hackers and their cyberattacks? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email<\/a>.<\/a>\t\t<\/div>\n If Gambit\u2019s assessment is correct, Ababil of Minab would be the latest in a series of fake hacktivist groups that are working for the Iranian government. The most recent example is Handala<\/a>, which earlier this year hacked U.S. medical tech giant Stryker<\/a>, wiping thousands of company systems and employee devices.<\/p>\n Following the Stryker breach, the FBI seized two Handala websites<\/a>, and the U.S. Justice Department accused Iran\u2019s government<\/a> of being behind the hacktivist group and its attacks.\u00a0<\/p>\n Iranian-linked hackers have increased their activities and their claimed hacks after the U.S. and Israel started bombing Iran earlier this year. In April, a coalition of U.S. agencies warned that Iranian hackers were targeting American critical infrastructure<\/a>.<\/p>\n<\/div>\nContact Us<\/h4>\n