According to Iranian media reports, the group’s leader operated online under the deceptive persona of a Dutch girl defending the freedom of Iranian women, and according to Press TV, provided sensitive information about Iranian security forces to anti-Iranian media networks, including Iran International, and networks linked to Israel’s Mossad.
The case began in 2022 when a “backdoor” Telegram channel and Twitter account gained notoriety by publishing personal information about moral police officers and other military personnel.
Originally, Backdoor was about a young European woman revealing a secret to help an Iranian woman.
This narrative was greatly amplified by foreign media, especially Iran International, which broadcast reports based on leaked data.
However, as a result of multi-layered intelligence operations conducted by cyber experts from the Revolutionary Guards, it was determined that the person was neither a “girl” nor a “Dutch national”, but a young Iranian man who was leading a domestic hacking group.
According to his confession, his main motive was to earn income through cryptocurrencies.
Captured leaders confessed to receiving rewards for specific targets and valuable information.
Investigation revealed that the hacker group was part of a broader and more dangerous network involving Iran International journalists, rival hacker group Rabo Douktegan, and eventually Mossad.
The “Rabo Douktegan” group is known for its openly pro-Zionist tendencies and boasted on its Telegram channel of its role in collecting intelligence targets inside Iran during the recent conflict.
Iran’s security services have made identifying and destroying foreign espionage a top priority.
Operations frequently target networks run by the CIA and Mossad, often resulting in the arrest of dual nationals and individuals who have leaked classified military, nuclear, and economic information.
MNA