Probing an Active Digital Trail of Iranian Hackers

The cybersecurity community and law enforcement agencies have been tracking the activities of Iran-based hackers for quite some time now.

To assist them, WhoisXML API researchers took a deep dive into the domain portfolio of some of the threat actors, revealing:

  • Publicly accessible email addresses owned by the hackers, connected to 4,000+ domain names
  • Some domains in the portfolio that have been reported as malicious led to more personally identifiable email addresses connected to 980+ additional domains
  • Common text strings used in the malicious domains led to 1,100+ additional domains, 12% of which were also malicious

Get access to our findings and uncover more on your own. Download the threat research materials now.
