Cyberattack on Los Angeles Transport: Experts Blame Iranian Hackers

According to a report by Israeli firm Gambit Security, the March cyberattack on Los Angeles’ transport infrastructure (LACMTA) was carried out by a hacker group operating under the control of Iranian intelligence services. Experts state that the group, calling itself Ababil of Minab, is not an independent hacktivist collective but acts in the interests of Iran’s Ministry of Intelligence (MOIS).

The attackers claimed to have stolen and deleted data from LACMTA systems, but Gambit Security disputes the group’s independence. The report presents evidence linking Ababil of Minab to previous attacks attributed to Iranian state-backed entities. Targets have included companies in Israel, Saudi Arabia, and Turkey.

Experts note a significant rise in activity by Iranian hacker groups in recent months, particularly following escalations in the Middle East conflict. In April 2024, U.S. authorities warned of targeted attacks on the country’s critical infrastructure. Earlier, a similar Iran-linked group, Handala, attacked U.S. medical corporation Stryker, wiping data from thousands of employee devices.

According to Gambit Security, Ababil of Minab uses symbolism referencing tragic events in the Iranian city of Minab, which may further confirm the involvement of Iranian authorities. The group has not commented on the allegations.