nasir security

Ransomware group profile

12Victims

LebanonSource country

31Impact score

Description

Nasir Security is a politically motivated cybercriminal group that emerged in late 2025, linked to Iran and operating under various aliases. Their operations focus on cyber warfare and propaganda, utilizing tactics such as data theft, supply chain attacks, and disinformation strategies rather than financial gain alone.

Key insights

•Uses business email compromise and spear phishing to gain initial access.
•Focuses on supply chain attacks to evade direct defenses of larger organizations.
•Employs insecure cloud storage services for data exfiltration.
•Engages in direct and double extortion, leveraging data leak sites.
•Combines propaganda with cyber operations to exaggerate the scale of breaches.

Industries

Education Energy & Utilities Government & Defense Hospitality Manufacturing Other Technology Transportation

Threat Level & Status Breakdown

For nasir security · Based on incidents in selected period

1.5threat level

Aggressiveness3/ 10

Lethality0/ 10

Criticality1.4/ 10

Status Breakdown

Claimed83.3%10

First seenOct 2025

Last seenApr 2026

Avg ransom—

Payment rate—

Statusactive

Sophistication0

Last updatedJun 2, 2026

Recent activity

Monthly attack count for nasir security in the selected period

12Total attacks

8peak in Mar

4avg / month

Intelligence

IOCs, YARA/Sigma rules, and related families for nasir security

nasir.cc

View full IOC feed1 total

TTPs & Attack Vectors

Tools, initial access, and MITRE ATT&CK techniques for nasir security

Other

T1486

T1490

T1021

T1562

T1078

T1547

T1059

T1566

T1530

T0819

T1656

Victims(12)

Company	Domain	Country	Industry	Status	Discovered
Yad Vashem Museum Hacked!	—	IL Israel	Education	Claimed	about 2 months ago
Kuwait Ministry Of Interior Hacked!	—	KW Kuwait	Government & Defense	Claimed	about 2 months ago
Dubai Airport - Data Leaked	—	AE United Arab Emirates	Other	Claimed	2 months ago
UAE Customs (Federal Customs Authority) - ACCESS GRANTED !	—	AE United Arab Emirates	Government & Defense	Claimed	2 months ago
The Most Massive Hack Operation in UAE History. It's Just The Beginning of Nightmares...	—	AE United Arab Emirates	Other	Claimed	2 months ago
Al-Safi Oil Company (PURE IN) Hacked	—	SA Saudi Arabia	Energy & Utilities	Claimed	2 months ago
Rumaila Operating Organisation Compromised	—	—	Energy & Utilities	Claimed	3 months ago
Oman CC Energy Development Hacked	—	OM Oman	Energy & Utilities	Claimed	3 months ago
Dubai Petroleum Breached	—	AE United Arab Emirates	—	Claimed	3 months ago
Mission Announcement	—	—	—	Claimed	3 months ago
First Statment	—	LB Lebanon	—	Unknown	8 months ago
Taldor Hacked	—	IL Israel	Government & Defense	Unknown	8 months ago

Affected countries(7)

Countries where this group has been reported to target or leak victims.

🇦🇪United Arab Emirates 🇮🇱Israel 🇮🇶Iraq 🇰🇼Kuwait 🇴🇲Oman 🇸🇦Saudi Arabia 🇺🇸United States