Iranian Dark Coders Hacking Team: Everywhere and Anywhere but not Harmless

A presentation at American security conference BlackHat USA in Las Vegas, has said that Iran appears to be actively seeking for critical national infrastructure systems connected to the Internet to exploit them.

At BlackHat USA Trend Micro researchers Kyle Wilhoit and Stephen Hilt revealed how their honeypot version of a Vedeer-Root Guardian AST gas gauge monitoring system (nickname «Gaspot») apparently fooled some Iranian hackers.

The Iranian hacking group Iranian Dark Coders, so called IDC-Team, modified the names of two pumps situated in Jordan. The IDC-Team which is best known for defacements and malware distribution, renamed two different tank names in the systems, one as «H4CK3D by IDC-TEAM» and other as «AHAAD Was Here»


This is not a new thing. As a Google search will show IDC-Team has been hacking websites for a long time. According to their Facebook page the team started in 2012 and have grown since then in to a team with many members on its forum talking about hacks and bugs and computer security.

Over the last year IDC-Team have submitted more than 950 website defacements of targets all over the world. Many of these defacements are government sites (,, or companies with famous products (Jeep). This shows that the team have hacking skills that are enough advanced to damage to secure websites.

Why do they hack?

Despite the amount of hacks by IDC-Team and who they hack it is clear their agenda is little more than publicity. Their defacements are advertisements for their community and the individuals involved and they are not messages of hate and violence.

IDC-Team is everywhere and goes anywhere as Trend Micro revealed. However they appear to be looking for recognition as computer security experts and not hacktivists.