Iranian hackers blamed for Los Angeles transit system breach

An Israeli cybersecurity firm has attributed a cyberattack on the Los Angeles transit system to Iranian state-backed hackers. The group operated under the fake hacktivist persona 'Ababil of Minab' and claimed responsibility for a series of data breaches. The attack took weeks for the transit system to recover from.

An Israeli cybersecurity firm has linked Iran's government to a damaging cyberattack on the Los Angeles transit system, identifying the perpetrators as operating behind a fabricated hacktivist front known as 'Ababil of Minab.' The breach caused significant disruption, with recovery efforts stretching over several weeks.

According to researchers, Ababil of Minab is not a genuine grassroots hacker collective but rather a fake persona constructed to obscure Iranian state involvement. The group has claimed responsibility for a series of data breaches that emerged following the outbreak of hostilities involving Iran, using the hacktivist cover to add deniability to what investigators believe are government-directed cyber operations.

The Los Angeles transit system attack is part of a broader pattern of Iranian cyber activity targeting infrastructure in Western countries and Israeli-aligned nations. Analysts say the use of false-flag hacktivist identities is a well-documented tactic in state-sponsored cyber warfare, allowing governments to conduct offensive operations while distancing themselves from direct attribution.

Cybersecurity experts warn that critical public infrastructure — including transit networks, utilities, and communications systems — remains highly vulnerable to such attacks. The Los Angeles incident underscores how disruptions to everyday services can result from geopolitical conflicts playing out in cyberspace, with ordinary commuters bearing the practical consequences of state-level hostilities.