An Israeli cybersecurity firm said Iran’s government is behind Ababil of Minab, a fake hacktivist persona that has claimed a series of data breaches after the start of the war in Iran.

TechCrunch (TC) is a leading technology news and media site that covers the latest trends, startups, and innovations in the tech industry. With breaking news,  analysis, and expert commentary, TechCrunch provides  insights into the world of technology and entrepreneurship. Developers can learn about emerging technologies, funding opportunities, and market trends by following TechCrunch's coverage of the tech industry.

TechCrunch

Israeli cybersecurity firm Gambit Security has attributed the March 2026 breach of the Los Angeles County Metropolitan Transportation Authority (LACMTA) to Iranian state-backed hackers working for Iran's Ministry of State Security (MOIS). A group calling itself Ababil of Minab claimed responsibility, presenting itself as a hacktivist collective, but Gambit says forensic evidence ties it to prior MOIS-linked campaigns. The group claimed to have stolen and deleted LACMTA data, with recovery taking weeks. This follows a pattern of Iran-linked fake hacktivist groups, including Handala, which hacked medical tech firm Stryker earlier in 2026. Iranian cyber activity has escalated following U.S. and Israeli airstrikes on Iran, with U.S. agencies warning of increased targeting of American critical infrastructure.

Iranian hackers blamed for breach of Los Angeles transit system that took weeks to recover