Monday, Jun 30, 2025
How Israel-Aligned Hackers Hobbled Iran’s Financial System
Bottom Line Up Front (BLUF): Pro-Israeli hacking group Predatory Sparrow carried out coordinated cyberattacks on Bank Sepah and Nobitex, Iran’s state-run bank and its largest cryptocurrency exchange, amid escalating military tensions between Israel and Iran. The operations disrupted financial services, extracted or destroyed around $100 million, and directly targeted infrastructure used by the Iranian military.
Analyst Comments: These attacks blur lines between cyberwarfare and conventional conflict, with non-state but likely state-aligned actors engaging in precision financial sabotage. The choice of targets reflects strategic intent: disrupting the Iranian Revolutionary Guard Corps’ financial arteries and public trust in alternative financial tools like crypto. Expect further tit-for-tat cyber responses and intensified campaigns against civilian-accessible infrastructure, particularly in the fintech and banking sectors.
FROM THE MEDIA: Predatory Sparrow claimed responsibility for disabling Bank Sepah’s ATMs and online banking systems and compromising Nobitex, exfiltrating approximately $100 million in crypto funds. The group reportedly obtained private wallet keys and “burned” the assets by transferring them to inaccessible addresses, some labeled with anti-IRGC messages. Iranian authorities responded by restricting internet access and issuing warnings against using foreign devices. The breaches followed Israeli airstrikes on Iranian nuclear sites and appear timed to maximize disruption. Israeli officials declined to confirm direct involvement but emphasized ongoing efforts to dismantle Iran’s military funding mechanisms through digital means.
READ THE STORY: WSJ
China Claims AI-Driven Advances in Classical Computing Amid Quantum Rivalry
Bottom Line Up Front (BLUF): China’s Ministry of Science and Technology has announced a series of breakthroughs in classical computing, driven by AI-accelerated chip design and advanced system architectures. While the claims remain unverified, the move signals China's strategic pivot to enhancing classical computing capabilities as a counterweight to U.S.-led quantum computing efforts.
Analyst Comments: This announcement is part of a broader Chinese strategy to ensure technological self-reliance and compete with U.S. innovation on multiple fronts. By emphasizing AI-enhanced chip design and high-performance classical architectures, China may be attempting to close the performance gap without depending solely on quantum computing. If validated, these breakthroughs could reshape global computing power dynamics, particularly in fields like military tech, AI model training, and cyber capabilities. However, transparency and independent verification will be crucial to assessing the real impact.
FROM THE MEDIA: Officials claimed improved efficiency in AI-driven semiconductor design and system integration. The report highlights an AI-based toolset for optimizing chip layout and interconnect performance, purportedly surpassing conventional EDA tools in speed and accuracy. The developments come amid increasing scrutiny of China’s claims in quantum computing, suggesting a shift in narrative to more verifiable classical innovations. Chinese state media framed the news as part of a “dual-front race” against Western quantum research.
READ THE STORY: The Register
China’s Expanded Rare Earth Export Controls Disrupt Global Supply Chains
Bottom Line Up Front (BLUF): China has intensified its export controls on rare earth materials, broadening enforcement beyond officially listed items. Despite a recent trade truce with the U.S., shipments are being delayed by additional customs inspections, chemical testing, and logistics companies' refusal to handle certain goods, threatening industries reliant on these critical minerals.
Analyst Comments: By casting a wider net around controlled items and increasing procedural opacity, Beijing creates uncertainty for global manufacturers. This raises long-term risks for tech, defense, and energy sectors, accelerating Western efforts to decouple or diversify rare earth supply chains. Strategic dependencies could evolve into economic liabilities during future conflicts if left unresolved.
FROM THE MEDIA: China's Ministry of Commerce and customs officials are enforcing export controls far beyond the initial seven rare earth elements and related magnets listed in April 2025. Even components like titanium rods and zirconium tubes, not on the formal control list, are being held up at ports if they reference sensitive terms like "magnet." Industry insiders describe the process as a “black box,” citing month-long delays due to third-party chemical testing. Although some European firms report recent improvement in license approvals, over 60% of export applications remain unapproved. As a result, companies are resorting to expensive air freight to avoid scrutiny. The delays come despite a 90-day trade truce signed in June between the U.S. and China.
READ THE STORY: FT
Study Finds AI Agents Still Struggle with Reliability and Task Completion in Real-World Applications
Bottom Line Up Front (BLUF): A new study reveals that autonomous AI agents, including those built on leading large language models (LLMs), fail to complete assigned tasks in up to 90% of cases under real-world conditions. Despite recent hype, researchers caution that AI agents remain immature for many practical deployments.
Analyst Comments: While LLMs like GPT-4 or Claude perform well in isolated tasks, chaining actions across multi-step workflows—especially those requiring memory, adaptation, or external tools—remains a significant challenge. The findings reinforce the need for rigorous testing, human oversight, and better agent architecture before deploying AI in high-stakes domains like cybersecurity, healthcare, or finance.
FROM THE MEDIA: Researchers from Stanford and the University of California found that AI agents powered by LLMs consistently underperformed when asked to complete real-world digital tasks such as booking flights, scheduling meetings, or performing multi-step commands. Even well-funded open-source and proprietary frameworks failed frequently due to misinterpretation, hallucinations, or inability to manage dynamic interfaces. The study warns that while AI agents hold promise, their current failure rate renders them unreliable for enterprise automation or mission-critical use without significant improvements in reasoning, planning, and memory systems.
READ THE STORY: The Register
Iranian Hacker Group ‘Gonjeshke Darande’ Poses as Activists to Conduct Espionage and Disinformation Campaigns
Bottom Line Up Front (BLUF): Iran-linked threat group Gonjeshke Darande (aka "Predatory Sparrow") is conducting cyber-espionage operations by impersonating activist groups to gain trust and distribute malware. The campaign targets individuals and organizations involved in Middle Eastern political discourse, focusing on Israel and dissident communities.
Analyst Comments: This blending of cyber operations with psychological warfare reflects Iran’s evolving hybrid threat doctrine. The group’s tactics go beyond traditional espionage, aiming to undermine public trust, sow division, and collect intelligence under the guise of solidarity. Expect further targeting of journalists, NGOs, and diaspora groups critical of Tehran, especially in the context of rising regional tensions.
FROM THE MEDIA: Iranian APT group Gonjeshke Darande has adopted a new technique of posing as activists or human rights advocates to lure targets into opening malicious files or clicking infected links. The phishing emails and social media messages are crafted to resonate with recipients’ political views, making them more likely to engage. Once compromised, victims’ systems are used for data exfiltration and long-term surveillance. The group has previously been linked to high-impact attacks on Israeli infrastructure and has shown capability in using destructive wiper malware and cyber-psychological tactics.
READ THE STORY: GBhackers
Asia Tech Roundup: China Tightens Cyber Grip, Taiwan Faces Surge in Cyberattacks
Bottom Line Up Front (BLUF): China is stepping up internet regulation and cyber activity ahead of key political anniversaries, while Taiwan reports a major spike in cyberattacks attributed to Beijing-linked actors. Meanwhile, Japan and South Korea push for cybersecurity advancements amid growing regional threats.
Analyst Comments: Asia’s cybersecurity posture is evolving rapidly under escalating geopolitical tensions. China's internal internet tightening reflects a strategic move to suppress dissent and signals increased outbound cyber activity. Taiwan's exposure will likely grow as election-related cyber interference intensifies. Japan and South Korea's efforts to bolster cyber readiness suggest a widening gap between authoritarian and democratic cyber doctrines, with long-term implications for regional security architectures and global supply chain stability.
FROM THE MEDIA: China has introduced stricter internet controls and censorship protocols as it approaches sensitive political anniversaries, including the 1989 Tiananmen Square crackdown and the CCP’s founding day. Concurrently, Taiwan’s government recorded a dramatic 60% increase in cyberattacks over the past quarter, many of which are traced to China-linked threat actors. These include phishing campaigns and DDoS attacks on government and media websites. Japan has initiated new public-private cybersecurity partnerships focused on critical infrastructure. South Korea is expanding its national cyber training program to address rising threats from North Korea and beyond. Regional analysts warn that cyber conflict may soon spill over into economic and defense domains.
READ THE STORY: The Register
DOJ Delays Appeal on Tower Dumps Ruling Amid Escalating Digital Privacy Debate
Bottom Line Up Front (BLUF): The U.S. Department of Justice has delayed its appeal of a landmark court ruling that declared tower dumps—bulk cellphone location data requests—unconstitutional. This delay signals growing legal uncertainty over mass surveillance tactics and raises the stakes for a potential Supreme Court decision on digital privacy.
Analyst Comments: The DOJ's hesitation to challenge the Mississippi ruling reflects broader concern over the legal sustainability of bulk data collection under the Fourth Amendment. The ruling builds on precedents like Carpenter v. United States, and if upheld, could set strict limits on law enforcement’s digital surveillance powers. As legal ambiguity mounts, federal agencies risk losing access to tools they have relied on for years, prompting calls for legislative clarity or a definitive ruling from the Supreme Court.
FROM THE MEDIA: Forbes reported that the DOJ requested more time to determine whether to appeal a February ruling by U.S. Magistrate Judge Andrew Harris, who found the FBI’s use of tower dumps unconstitutional. The FBI had requested data from cell towers at nine crime scene locations, but the court denied the warrants, calling the data requests overly broad and incompatible with Fourth Amendment protections. Tower dumps provide telecom data—such as phone numbers and connection times—for every device near a tower, capturing data on thousands of uninvolved individuals. The ruling follows similar judicial skepticism toward geofence warrants, further complicating the surveillance landscape. While the DOJ has used tower dumps extensively, especially in high-profile cases, the agency’s reluctance to proceed with an appeal signals internal divisions over the future of mass data collection.
READ THE STORY: Forbes
Items of interest
Iranian-Backed Hackers Launch Cyber Campaign Following U.S. Military Strikes
Bottom Line Up Front (BLUF): Following recent U.S. military strikes, Iranian-backed hackers have ramped up cyber operations targeting U.S. government networks and critical infrastructure. Officials say the activity is part of a broader retaliatory campaign blending physical and digital warfare.
Analyst Comments: The shift from physical to digital targeting allows plausible deniability while still achieving strategic disruption. Sectors such as energy, transportation, and defense remain top targets, and the potential for supply chain compromise or destructive malware deployment should not be discounted. This reinforces the need for real-time threat intelligence and public-private cyber defense coordination.
FROM THE MEDIA: U.S. intelligence and cybersecurity officials have confirmed a surge in Iranian-linked cyber activity following American airstrikes on Iranian-backed militia targets. The hackers, believed to be affiliated with groups like MuddyWater and APT33, have targeted federal agencies and private contractors. Their tactics include spear-phishing, credential harvesting, and attempts to exploit unpatched systems. The cyber campaign appears to be retaliatory and coordinated, with federal agencies actively monitoring for further intrusions and issuing alerts to critical infrastructure operators. No major breaches have been confirmed publicly, but investigations are ongoing.
READ THE STORY: MSN
MuddyWater: Iran's Silent Cyberwarriors (Video)
FROM THE MEDIA: Dive deep into the shadowy world of MuddyWater, an Iranian Advanced Persistent Threat (APT) group. Known for its sophisticated cyber espionage campaigns, this group targets government, military, and critical infrastructure sectors worldwide. This documentary explores their operations, tactics, and the tools they use to infiltrate and exploit systems, including notable techniques tied to the MITRE ATT&CK framework.
Cyberwar With Iran: How Bad Could It Get? (Video)
FROM THE MEDIA: A full-scale cyberwar with Iran is unlikely. While Iran has some cyber capabilities—primarily wipers and DDoS attacks—it lacks the technical sophistication and time-intensive infrastructure access required for major industrial sabotage like targeting U.S. power grids. The most likely outcomes are limited disruption via data-wiping malware, targeted DDoS attacks, and widespread disinformation, not catastrophic infrastructure attacks.
The selected stories cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in its original material or related links on its sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.