Security Researchers Breach Phishing Server Belonging to Iranian Hacker Group Rocket Kitten

November 10, 2015


On November 9, 2015, it was reported that researchers as Check Point security successfully breached and took over a phishing server belonging to the Iranian hacker group Rocket Kitten.

Rocket Kitten have been active since early 2014, and mainly targeted individuals and groups opposed to the Iranian government. The researchers who managed to breach Rocket Kitten’s servers confirmed their ties to the Iranian government and also obtained several pieces of hacker software the group was using such as keyloggers, password stealers, malware such as Trojans and injection tools, and backdoor software. The group also revealed the identities of Rocket Kitten members, naming them as Yaser Balaghi and Mehdi Mahdavi – both software engineers from Tehran.

Graph of Rocket Kitten activity compiled by Check Point security

Source:, November 9, 2015.