A recent cyberattack on the Los Angeles public transportation system, LA Metro, has been attributed to a pro-Iranian hacktivist group known as Ababil of Minab. The breach, detected in mid-March, resulted in operational disruptions but did not affect transit services. The attackers wiped and exfiltrated significant data, demonstrating access to internal systems including virtualization management and operational technology systems.
Analysis by cybersecurity firm Gambit linked Ababil of Minab to Iranian government-aligned hackers, revealing their involvement in attacks across multiple countries including the US and Israel, targeting various sectors. The group is suspected to be connected to previous Iranian cyber activities.