Iran-Linked 15-Node Relay Exposed

Iran-Linked 15-Node Relay Exposed

An open directory misconfiguration exposed a 15-node relay network attributed to Iran-linked threat actors, according to a botnet relay disclosure published by cybersecurity researchers. The exposed environment revealed the full operational infrastructure, a result of an opsec failure by the actors maintaining the network.

A 15-node relay architecture indicates a structured approach to traffic obfuscation — distributing connections across multiple hops to complicate attribution and intercept. Open directory exposure of such infrastructure allows analysts to map node relationships, staging patterns, and potential command-and-control routing without active interdiction.

️ Open sources - closed narratives

@sitreports

Source: Telegram "sitreports"