Iran - SparTech Software

New Android spyware variants of DCHSpy tied to Iran’s Intelligence Agency.

Security researchers have discovered four new variants of Android spyware, collectively known as DCHSpy, that have been directly linked to Iran’s Ministry of Intelligence and Security (MOIS). These findings, surfacing in the wake of heightened regional tensions following Israeli strikes on Iranian sites, underscore the ongoing evolution and sophistication of Iranian cyber-espionage operations.

Spartech Software July 21, 2025

Cybersecurity News

Iranian-sponsored fatwa crowdfunding campaign to assassinate Donald Trump surpasses $42 million and continues to grow. Here’s what we know about the thaar.ir WordPress website that is hosting it.

An Iranian-sponsored crowdfunding campaign continues to grow, aiming to raise funds for the assassination of U.S. President Donald Trump. This campaign is primarily linked to hardline Iranian clerics and groups, and has gained significant attention due to its scale and explicit purpose.

Spartech Software July 14, 2025

Computer hacker in front of a United Kingdom British flag

Cybersecurity News

UK’s ISC warns of growing threat posed by Iranian state actors against petrochemical, utilities, and financial sectors.

A new report from the UK Parliament’s Intelligence and Security Committee (ISC) has sounded the alarm over the escalating threat posed by Iranian state actors to the United Kingdom, with a particular focus on the petrochemical, utilities, and finance sectors.

Spartech Software July 11, 2025

Cybersecurity News

Iran-aligned BladedFeline cyber-espionage campaign targets government entities in Iraq and Kurdistan.

A sophisticated and long-running cyber-espionage campaign, attributed to an Iran-aligned threat group known as “BladedFeline,” has been observed targeting government entities in Iraq and the Kurdistan Regional Government (KRG), according to new research by cybersecurity firm ESET. Since its initial activities in 2017, BladedFeline has significantly evolved its toolset and operational tactics, posing a persistent threat to sensitive government operations in the region.

Spartech Software July 7, 2025

Cybersecurity News

Iranian hackers claim to possess about 100 gigabytes of emails from Trump’s circle.

Pro-Iran hackers have recently threatened to release a large trove of emails allegedly stolen from individuals closely associated with former President Donald Trump. U.S. federal officials have characterized this as a “calculated smear campaign” and dismissed the threat as “digital propaganda” designed to undermine Trump and other government officials. However, previously leaked documents by the group were authenticated and included communications about campaign strategy and legal matters involving Stormy Daniels

Spartech Software July 2, 2025

Cybersecurity News

CISA and FBI issue warning to remain vigilant during continued political tensions with Iran.

Today, CISA, in collaboration with the Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA), released a joint Fact Sheet titled “Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest.” This document is a direct response to increasing cyber activity from Iranian state-sponsored or affiliated threat actors, including hacktivists and government-linked groups, who are expected to escalate their operations due to recent geopolitical events.

Spartech Software June 30, 2025

Cybersecurity News

Internet restrictions in Iran have reportedly been eased.

Some of Iran’s internet access restrictions have been eased, after the country earlier this week was sent into a near-total blackout, according to Iran’s communications minister.

Spartech Software June 21, 2025

Cybersecurity News

Researchers see dramatic escalation in cyberthreats linked to Israel-Iran conflict – Here’s how to prepare for cyberwar.

As expected, there has been clear, well-documented evidence of a dramatic escalation in cyberthreats linked to the ongoing Israel-Iran conflict. This surge includes both the frequency and sophistication of attacks, with direct implications for Israel, Iran, their allies, and potentially the United States' infrastructure.

Spartech Software June 17, 2025

References

Full list of Iran IPv4 IP address blocks (IP Blocks).

Iran has over 11 million IPv4 addresses allocated, distributed across numerous IP blocks assigned to internet providers, businesses, and organizations. These IP address ranges are used for internet connectivity within the country and are regularly updated by regional internet registries and various IP geolocation databases.

Spartech Software June 1, 2025

United States	~59% of ransomware attacks globally Thousands per year
Poland	1,000+ per week
Russia	Highest cybercrime threat level
China	Thousands per year
India	115% surge in attacks Q2 2024
Ukraine	Significant surge since 2022
Brazil	Among top countries for blocked attacks
Mexico	65% of businesses hit in 2024
Germany	High targeted rate (EU)
France	High targeted rate (EU)

AS Name	ASN
Bharat Sanchar Nigam Ltd	9829
No.31,Jin-rong Street	4134
CHINA UNICOM China169 Backbone	4837
DigitalOcean, LLC	14061
HUAWEI INTERNATIONAL PTE. LTD.	136907
Amazon.com, Inc.	14618
Alibaba (US) Technology Co., Ltd.	45102
Google LLC	396982
Amazon.com, Inc.	16509
3xK Tech GmbH	200373

IP Address	Notable Exploits/Context
104.238.159.149	SharePoint zero-day, broad exploitation
107.191.58.76	SharePoint zero-day, government targets
96.9.125.147	SharePoint, previously Ivanti exploits
139.162.47.194	Exploits on CitrixBleed 2
38.180.148.215	CitrixBleed 2 campaigns
185.224.128.17	High activity, Netherlands
89.248.163.200	High activity, Netherlands
15.235.218.150	Associated with APT, active C2
45.9.148.114	Associated with C2, malicious netflow
91.107.150.184	C2 infrastructure, recent IoC