TEHRAN (Realist English). Iran’s Islamic Revolutionary Guard Corps (IRGC) Intelligence Organization has announced the arrest of the leader of the “Backdoor” hacking network, which it accuses of collaborating with Israel’s Mossad and anti-Iran media outlets, including Iran International.
According to Iranian state media, the group’s leader used a fabricated identity — a Dutch woman promoting Iranian women’s rights — to infiltrate online spaces and obtain sensitive information about Iranian security and intelligence officers. The stolen data was reportedly shared with hostile foreign networks.
The “Backdoor” group gained attention in 2022 after publishing personal details of morality police officers and military personnel via Telegram and Twitter. The persona was amplified by Western and Persian-language media, including Iran International, which cited the leaks in its reporting.
Following a months-long cyber operation, IRGC specialists discovered that the account was actually run by a young Iranian man, who confessed to leading a domestic hacking team. According to Iranian intelligence, he admitted that his primary motive was financial gain through cryptocurrency, and that he had received payments in exchange for targeting specific individuals and accessing classified data.
The IRGC said the probe revealed ties between “Backdoor” and the pro-Israel hacking collective “Lab Dookhtegan”, which has previously claimed responsibility for intelligence-gathering inside Iran. Investigators allege the network maintained operational links to Mossad and affiliated media organizations.
Iran’s security services described the operation as a major counterintelligence victory, reaffirming Tehran’s commitment to neutralizing foreign espionage networks operating inside the country. Officials noted that Iran has intensified its crackdown on networks connected to the CIA and Mossad, often arresting individuals accused of leaking military, nuclear, or economic intelligence abroad.
