{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreig4qiuc6nresaog7723ivj47iht2ging2gbkmmacfrozciofvjx2i",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mhh6dgjn6aa2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreibetgwmxyiwlrnuzpwwcsn2nn7zhw2v56mekjqc4vdz4wlgjhefru"
    },
    "mimeType": "image/jpeg",
    "size": 333418
  },
  "path": "/iran-linked-botnet-exposed-after-open-directory-leak-revealed-relay-nodes-ssh-scripts-and-active-c2-work/",
  "publishedAt": "2026-03-19T15:16:29.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "Iran-linked botnet exposed after open directory leak revealed relay nodes, SSH scripts, and active C2 work",
    "VPN Central"
  ],
  "textContent": "A suspected Iran-linked botnet operation was exposed after researchers found an open directory on an Iranian-hosted server that contained the actor’s working files, deployment scripts, DDoS tools, and an in-development bot client. Hunt.io said it discovered the exposed server on February 24, 2026 and later published its findings on March 17, describing the leak as […]\n\nThe post Iran-linked botnet exposed after open directory leak revealed relay nodes, SSH scripts, and active C2 work appeared first on VPN Central.",
  "title": "Iran-linked botnet exposed after open directory leak revealed relay nodes, SSH scripts, and active C2 work"
}