InfoSecBulletin Cybersecurity for mankind
A group called APT IRAN recently reported a cyber attack on Iran’s telecom industry. They say they breached the databases of Iran Telecom and Irancell, with a file size of 4TB.
The vulnerability of these telecom giants to cyber threats has been brought to light by this shocking revelation. APT IRAN, a threat actor group, has sent a strong warning to Iran Telecom and Irancell, indicating that their servers are currently at risk.
Researcher found non protected database form ESHYFT containig 86000 records
CVE-2024-55591 and CVE-2025-24472
New SuperBlack ransomware exploits Fortinet flaws
CVE-2025-25291 & CVE-2025-25292
Attention! GitLab Patched Critical Authentication Bypass Flaws
CVE-2025-20138
Cisco released High Security Alert for IOS XR Software
400+ IPs Exploiting Multiple SSRF Vulnerabilities
NVIDIA has released update for NVIDIA Riva
CVE-2025-24201
Apple fixes 0-day exploited in “extremely sophisticated attack”
Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws
Ballista Botnet infects 6000 Unpatched TP-Link Routers
CVE-2025-24813
Flaw in Apache Tomcat Exposes Servers to RCE
They also said they would release a video and 4TB of sensitive data to prove their claim. They made this announcement on the dark web, where they initially made the claims about the cyber attack on Iran’s telecom.
We encountered difficulties in establishing communication with MTN Irancell, the telecommunications company affected by the incident, as their website was not accessible at that time.
The website is currently inaccessible, suggesting that there may be a major issue with the services, and isitdownrightnow.com said Irancell.ir is DOWN for everyone. (29.09.2023 PM)
A website showing the “This site can’t be reached” error message could be caused by different things. One possibility is a DDoS attack, where servers receive too much traffic and can’t respond.
In addition, a DNS attack that specifically targets the Domain Name System can cause a disruption in the process of converting domain names into IP addresses, resulting in inaccessible websites. This issue can be further worsened by compromised network infrastructure and malware infections.
While the exact motives behind this Iran telecom cyber attack remain undisclosed, it is worth noting that Telecom retirees in Iran have been persistently rallying for over a decade to address their denied needs.
The Iran Telecom cyberattack is an ongoing story. As this story continues to unfold, updates will be provided as more information emerges or official confirmation is obtained from the affected company.
MEDIA DISCLAIMER: This report is based on research from various sources. The information provided is for reference only and users are responsible for relying on it. Infosecbulletin is not liable for the accuracy or consequences of using this information.
