A pro-Iranian hacktivist group named Cyber Fattah has leaked thousands of personal records allegedly tied to participants and visitors of the 2024 Saudi Games, intensifying an ongoing wave of ideologically driven cyber attacks in the Middle East.
Cyber Fattah Claims Responsibility for Massive Breach
Cybersecurity firm Resecurity confirmed that Cyber Fattah announced the breach on Telegram on June 22. The group published SQL database dumps, revealing data stolen through unauthorized access to the Saudi Games’ phpMyAdmin backend.
“This operation reflects Iran’s broader use of data breaches as propaganda against the U.S., Israel, and Saudi Arabia,” Resecurity stated.
The leaked files, which appeared on DarkForums, include:
- Credentials of IT staff
- Government email addresses
- Personal information of athletes and visitors
- Passport and ID scans
- Bank statements and medical forms
FCRF x CERT-In Roll Out National Cyber Crisis Management Course to Prepare India’s Digital Defenders
A user named ZeroDayX shared the data using a burner profile, likely created to maximize visibility of the breach.
Hacktivism Escalates Amid Iran-Israel Cyber Warfare
Cyber Fattah’s actions are part of a growing trend of Middle East hacktivism, where groups use cyberattacks to further political and ideological agendas. The group has previously targeted Israeli and Western institutions and works alongside actors like 313 Team, which recently claimed a DDoS attack on Truth Social following U.S. airstrikes on Iran.
Resecurity noted a potential strategic pivot: “This incident suggests a shift from purely anti-Israel activities to broader anti-U.S. and anti-Saudi narratives.”
At least 119 hacktivist groups have declared cyber support or actions related to the Iran-Israel conflict, according to Cyberknow.
Pro-Israel Groups Strike Back
In response, Israeli-linked hackers have launched their own cyber campaigns. A group known as Predatory Sparrow claimed responsibility for leaking data from Iran’s Ministry of Communications and for hacking Nobitex, Iran’s largest cryptocurrency exchange. The group reportedly destroyed digital assets by sending them to invalid wallets.
“This wasn’t about financial gain,” said researcher Lidia López Sanz. “It was a psychological and ideological strike aimed at eroding public trust.”
On June 18, Iran’s state broadcaster IRIB suffered a TV stream hijack, displaying anti-regime and pro-Israel visuals. Officials blamed the incident on Israel.
Hacktivist Alliances and Global Spillover
The ongoing cyber war has spurred loose alliances between hacktivist groups. Umbrella entities like Cyber Islamic Resistance and United Cyber Front now coordinate attacks in support of Palestine and Iran.
One such group, DieNet, has gained attention for its multinational makeup, including Russian-speaking members with ties to Eastern European cyber communities.
“DieNet is unique due to its hybrid identity,” noted Trustwave SpiderLabs. “Language, metadata, and internal communication patterns suggest strong cross-regional cooperation.”
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
From June 13 to 20, researchers recorded over 5,800 messages across hacktivist Telegram channels, with DieNet cited 79 times, making it the most referenced actor during that window.
Cyber Warfare Becomes Strategic Weapon
Experts say these incidents underscore the growing role of cyber operations in modern geopolitical conflicts, from Israel-Iran, Bharat-Pakistan to Russia-Ukraine.
“Digital operations now supplement physical warfare,” Trustwave concluded, “shaping narratives, targeting infrastructure, and disrupting adversaries without crossing borders.”
About the author – Ayush Chaurasia is a postgraduate student passionate about cybersecurity, threat hunting, and global affairs. He explores the intersection of technology, psychology, national security, and geopolitics through insightful writing