Iran Hackers Target Iraq, Kurd Officials Since 2017

A hacking group with ties to Iran has been conducting a prolonged cyberespionage campaign targeting Kurdish and Iraqi officials, according to cybersecurity researchers. The group has been active since at least 2017, initially breaching systems associated with the Kurdistan Regional Government. Over the years, the scope of the campaign has widened to include entities within Iraq’s Central Government, indicating a sustained effort to gather intelligence across multiple levels of governance within the country.

In addition to Iraqi targets, the hackers have extended their operations into Central Asia, compromising a telecommunications provider in Uzbekistan. This expansion signals a broader interest in regional surveillance and intelligence collection.

The nature of the breaches and the duration of the campaign suggest a well-resourced operation with a strategic focus. The targets — government institutions and infrastructure providers — highlight the attackers’ intent to access sensitive communications and potentially influence regional dynamics through prolonged digital infiltration.