Tehran's latest hacking activity involves easy-to-detect techniques to gain access and then pivoting to stealthier methods.

Iran could leverage its considerable hacking capabilities, which it has built up in recent years, to disrupt U.S. organizations.

Given that the group has been linked with data-wiping hacks in the past, the new activity has analysts’ full attention.

The Iranian hackers also set up their own virtual private network with “exit nodes" that change frequently, according to Trend Micro.

Microsoft has tied the attacks — some of which have been successful — with a group linked with Iran (APT 33), with a group from North Korea…

New details uncovered by CyberScoop show how much coordination went into Cyber Command's public VirusTotal upload of an Iran-linked tool.

APT33, also known as Elfin and Refined Kitten, "appears undeterred following previous exposés of their activity," Recorded Future said.

The Elfin group, a significant component of Tehran's hacking arsenal, uses a trojan to wipe victim hard drives.

APT34 has been especially active since mid-2016, based on publicly available research authored by analysts with FireEye and Kaspersky Lab.

Wednesday's report by FireEye offers the first documented activity of the group, researchers say.