A user under the name of the infamous hacking group KromSec has put the database of the Iran Ministry of Industries and Mines on a hacker forum.
KromSec has been in the cybersecurity news for cyber-attacks on the Iran government. They have openly expressed their support for the people of Iran fighting against the ruling Islamic government.
The attack comes months after the death of 22-year-old Iranian woman Mahsa Amini, who died under suspicious circumstances three days after her arrest in Tehran by Iran’s morality police.
Amini’s death sparked a big uprising against Iran, and hacker groups began supporting the Iranian citizens.
Independent Iranian media outlets reported that Amini lost her life due to repeated beatings, but Iran continued to refute the claims and argued that her death was due to an illness.
The three-week protest in Iran soon became an international issue, with several knowns personalities and celebrities joining the movement.
Several threat actors have already been a threat to Iran’s government, and a spike in cyber-attack has been noted after Amini’s death.
KromSec Attacks Iran
Kromsec, in collaboration with the notorious hacker collective Spid3r, has launched several cyber warfare offensive campaigns against Iran. The attacks are attributed to being a part of Anonymous’ #OpIran.
These attacks have caused significant problems for Tehran, targeting government websites, pro-government media, government officials, and institutions such as the central bank and various ministries.
In the latest attack, KromSec set up the Ministry of Industries and Mines of Iran as a saleable item on a popular hacker forum.
According to the post shared by KromSec on the forum, they currently have personal information stolen from the Ministry webserver.
“Today we have publicly announce the Database of the Ministry of Industries, and Mines of Iran for sale in the breached forum,” read the post by KromSec. The stolen data is being sold as an SQL file with 2,552,222 lines.
In a similar incident, on January 10, 2023, a member of the KromSec threat group posted a sensitive database belonging to Iran’s National Standards Organization on a dark web forum.
The information included in this database was highly confidential, containing details of government officials and other sensitive data.