Iranian Hackers: Sophisticated, Frustrated and a Rising Global Threat<br />By tracing where and how web domains were registered, as well as other data found online, Mr. Anderson concluded<br />that the aliases “mb_1986” and “ArYaIeIrAN,” represented two Iranian men whose real names were Mojtaba Borhani and Behrouz Keshvari.<br />In a report published Thursday, two independent cybersecurity researchers, Collin Anderson<br />and Karim Sadjadpour, followed nearly a decade of the day-to-day activities of Iranian hackers.<br />“We need someone for Mac in Tehran,” wrote Mr. Keshvari on June 15, 2014, bringing up a topic the two men had discussed nearly a month earlier.<br />“The vast majority of their most recent operations focuses on cyberespionage,” said Mr. Anderson, a statement echoed by John Hultquist, director of<br />intelligence analysis at the FireEye cybersecurity firm, which recently published its own report about one of Iran’s more active hacking groups<br />SAN FRANCISCO — Between breaking into the email accounts of United States government officials, political dissidents<br />and international human rights organizations, Iranian hackers liked to joke about their slow internet service, poor pay and lack of skilled colleagues.<br />Their focus on hiring people with an expertise in Apple products, specifically the Mac operating system, was unsurprising, said Mr. Anderson, given<br />that many of Iran’s dissidents and human rights workers had transitioned to Apple products in the hopes that they would prove more secure than Microsoft’s Windows software.<br />“Through their carelessness, we were able to get a real picture of who these individuals are<br />and what their goals are,” said Mr. Anderson, who has been researching Iranian hackers for more than five years.
