Probing an Active Digital Trail of Iranian Hackers | WhoisXML API

Threat Reports

Probing an Active Digital Trail of Iranian Hackers

To download the threat research materials, please fill in the form.

The cybersecurity community and law enforcement agencies have been tracking the activities of Iran-based hackers for quite some time now.

To assist them, WhoisXML API researchers took a deep dive into the domain portfolio of some of the threat actors, revealing:

  • Publicly accessible email addresses owned by the hackers connected to 4,000+ domain names
  • Some domains in the portfolio that have been reported as malicious led to more personally identifiable email addresses connected to 980+ additional domains
  • Common text strings used in the malicious domains led to 1,100+ additional domains, 12% of which were also malicious

Get access to our findings and uncover more on your own. Download the threat research materials now.

Try our WhoisXML API for free
Get started