Exclusive: Identities of Six More BlackShadow Group Members Revealed

The terrorist group "BlackShadow," operating as a cyber unit under Iran's Ministry of Intelligence (MOIS), has reportedly become active once again. This group's identity was previously exposed as being associated with a front company called "#JahatPardaz IT Solutions," based in Tehran. Since 2020, they have engaged in malicious activities targeting various Israeli entities. Their objectives include disrupting civilian infrastructure, stealing sensitive information, and inciting social unrest.

Yesterday, the account @ Terror_Alarm on the social media platforms X (and Telegram shared a photo and video providing new information about the newly established office of this group in Tehran. Today, however, I plan to expose six additional members of this group. Previously, some members of this group, along with the addresses of their former offices belonging to the cyber group *BlackShadow*, had been revealed in the media (8).

These six members, known by the names

Meysam Nosrati Azar

Seyed Hossein Mousavi Khoshdel

Seyed Mojtaba Razavi Keneti

Mohsen Soleimani

Hamid Tavassolian

and Amirhossein Bagheri

This group has brought nothing but financial burden and disgrace to Iranians on the global stage. Every time they attempt an attack, their efforts are identified and neutralized right from the start. They claim to be a large and powerful cyber organization in Iran, yet in reality, they can't even protect their own members from being exposed. They sit comfortably behind keyboards conducting terrorist operations, but in practice, they’re easily identified on the streets of Tehran. They have even lost the ability to deny their ties to the Ministry of Intelligence of the Islamic Republic.

What’s even more ironic is that they’ve had to relocate their offices several times, and each time, footage of their new location has been leaked online. What’s the point of all this effort? What goes on in the minds of these terrorists that makes them so eager to turn the whole world against the people of Iran?

In the past few weeks, every new phishing attack they attempted was detected and neutralized. As I mentioned, this group conducts its operations through facilities based in Tehran, and media outlets and political officials have previously reported its close collaboration with Hezbollah’s cyber unit and other forces supported by the Islamic Republic. This group is also known under other names, including "Agrius," "Deadwood," "SharpBoys," and "DEV-0022."

The updated and recently disclosed address of Jahat Pardaz:

Tehran - Motahari Street, Soleiman Khater Alley, Aslipour Lane, No. 7