A ransomware group known as MBC has claimed responsibility for a recent cyber attack on Iran's railway system that disrupted train services in the country.
The group will “soon” release more information on its blog, according to DarkTracer, a darkweb criminal intelligence profiling investigation platform.
“DarkTracer found a new leak site for ransomware gang 'MBC' on DarkWeb. They announced that they would soon release leaked data from the rail system of the Islamic Republic of Iran,” DarkTracer said in a tweet.
In July, Iran’s Transport Ministry website was hit by “cyber disruption”, just hours after a similar apparent attack was carried out against the state railway company.
Iran's state television said systems used by staff of the Ministry of Roads and Urban Development were the subject of the attack that affected the ministry's portal and sub-portal sites.
It came hours after train services were disrupted on Friday, with hackers posting fake delay notices on station boards, state-affiliated news outlets reported.
The government-run railway company said only the displays were affected and that trains ran normally, but Fars news agency reported “unprecedented chaos” at stations with hundreds of trains delayed or cancelled.
Telecoms Minister Mohammad Javad Azari Jahromi at the time warned of more possible ransomware attacks unless vulnerability in computer systems was dealt with, Iranian news outlets reported.
In July 2020, former Foreign Ministry spokesman Abbas Mousavi said Iran faces “hundreds” of cyber attacks on its infrastructure every day, adding that the US was always the prime suspect, reported Bloomberg.
In late 2020, Iran said hackers launched large-scale attacks on two of its government institutions, without giving details on the targets or the suspected perpetrators.