The Associated Press reports that a group, suspected to be based in Iran and working for its government, has attempted to hack and disrupt aviation and petrochemical industries, in Saudi Arabia, South Korea and the United States.

A cybersecurity company called FireEye sounded the alarm on Wednesday, September 20 that the hackers left behind a new malware capable of destroying targeted computers. A similar attack in 2012 and 2016 on Saudi Arabia was attributed to Iranian hackers, sheltered by the government.

Stuart Davis, a director at one of FireEye's subsidiaries told AP, "Today, without any repercussions, a neighboring country can compromise and wipe out 20 institutions".

AP also reports that one of the malicious websites used in the operation was registered in February 2016 via an Iranian company called Server Pars, the firm's chief executive, Ali Mehrabian, said. Mehrabian declined to make the customer's name available publicly, citing his company's privacy policy, but said they had a Tehran address. The hacker known as "xman" did not respond to AP’s emails asking for comment.

Iranian security and intelligence agencies are known to have extensive internet filtering and cyber penetration infrastructures. Internet traffic is monitored within the country and millions of foreign websites are blocked for Iranian users.

U.S. prosecutors in March 2016 accused hackers associated with companies linked to Iran’s Islamic Revolution Guard Corps of attacking dozens of banks and a small dam near New York City. Hackers linked to the Guard also have been suspected of targeting the email and social-media accounts of Obama administration officials.