| SYMBOL | COMMON_NAME | aka. SYNONYMS |
IRLeaks is a threat actor known for significant cyberattacks targeting Iranian organizations, including a major breach of SnappFood, where they exfiltrated 3TB of sensitive data from 20 million user profiles. They have also compromised data from 23 leading Iranian insurance companies, offering over 160 million records for sale. Their operations involve extortion tactics, as seen in the ransom negotiations with Tosan, and they utilize malware such as StealC for data extraction. IRLeaks communicates primarily in Persian and has been active in selling stolen data on cybercriminal marketplaces.
There are currently no families associated with this actor.
| 2024-09-09
⋅
SC Magazine
⋅
Significant ransom payment by major Iranian IT firm underway IRLeaks |
| 2024-09-04
⋅
Cybershafarat
⋅
Major IR leaks IRLeaks |
| 2024-01-04
⋅
OODA Loop
⋅
Pilfered Data From Iranian Insurance and Food Delivery Firms Leaked Online IRLeaks |
| 2024-01-03
⋅
CISO Series
⋅
Cybersecurity News: Google $5B suit settled, Orbit Chain loses $80M, FDA cyber agreement IRLeaks |
| 2024-01-02
⋅
HackRead
⋅
Iranian Food Delivery Giant Snappfood Cyber Attack: 3TB of Data Stolen IRLeaks |