Attackers strike Mahan Airlines to stress their connection with the IRGC-QF

Cyber Attackers Mahan Airlines IRGC-QF Iran Data Breach

One of Iran’s biggest airlines, Mahan Air, was reportedly hit by a cyberattack that the Hooshyarane Vatan threat group allegedly conducted. The said threat group stole documents involving the airline to the Islamic Revolutionary Guard Corps.

The airline acknowledged to the public about being hit by the attack but added that it had already been under control.

The data breach against the airline was initially unknown; however, security experts said that if the threat actors have managed to steal important documents from the airline, it could only be a part of at least two other cyberattacks that tried to strike the Islamic Republic and possibly humiliate its integrity among the Westerns.


The new cyberattack on Mahan Airlines may contribute additional humiliating proof against the Islamic Republic during such a sensitive time upon them having nuclear negotiations with world leaders for the coming week.


The US has long listed Mahan Airlines on its sanctions list since 2011 for catering materials, financial, or technological support to the Islamic Revolutionary Guard Corps-Quds Force (IRGC-QF). From a 2019 US Treasury statement, it is said that the airline has moved IRGC-QF operatives, funds, equipment, and weapons overseas to support their regional operations. Mahan Air was also under fire for transporting personnel and weapons for a Shia Islamist political party and a militant group from Lebanon, Hezbollah.

From a separate report, another threat group, Edalat-e Ali (Ali’s Justice), has hacked a widely known Iranian prison back in August and stole footage from the prison’s security cameras that revealed how the correctional officers were beating the prisoners violently. The footage was published and led to a global outcry that made the prison officials express their apologies and guilt.

Nonetheless, Mahan Air highlighted that their airline had been hit with similar attacks several times that they already considered a normal occurrence. The airline’s cybersecurity team are professionally trained to mitigate and neutralise such cyberattacks.

Still, Hooshyarane Vatan claims to acquire sensitive internal documents, reports, and emails from the airline’s systems that may contain indications of their affiliation to the IRGC. They also said that Mahan Air may have detected the data breach but could not stop it.

About the author

Leave a Reply