"Unit 42 has documented wiper attacks, mass phishing campaigns, financial fraud, and surging hacktivist activity, much of which is originating outside Iran's borders during its internet blackout."
"As of March 26, 2026, Iran has surpassed 27 consecutive days of internet blackout, with connectivity dropping to between 1 percent and 4 percent of typical traffic."
"Unit 42 counted around 60 individual hacktivist groups active as of early March, including pro-Russian collectives, with a coalition executing 149 DDoS attacks against 110 organizations."
"Threat actors are impersonating major telecommunications providers, national airlines, law enforcement agencies, and energy corporations, utilizing tactics like top-level domain rotation and subdomain chaining."
Palo Alto Networks' Unit 42 reports a surge in cyber activity related to the Iran conflict, particularly after the U.S.-Israel Operation Epic Fury. Iran is experiencing a severe internet blackout, limiting state-aligned actors' capabilities. However, external actors, including around 60 hacktivist groups, are filling the void. A coalition of these groups has executed numerous DDoS attacks. Additionally, extensive phishing campaigns have been identified, with thousands of URLs impersonating major organizations and utilizing advanced tactics to deceive victims.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]