Much has been written about Mr.Tekide and his crypters used by APT34 (OilRig) and others. Other

organizations have documented information about Mr.Tekide’s tools in ‘celebrated’ cyber attacks against Fortune 500 institutions, governments, educational organizations, and critical infrastructure entities.


However, identifying Mr.Tekide, his background, locations, and his own words has never been openly accomplished. Many believe that following an individual does not pay dividends. Treadstone 71 demonstrates the alignment of Mr.Tekide to the Iranian government through years of support using crypters such as the iloveyoucrypter, qazacrypter, and njRAT.


Information on the exploits of Mr.Tekide is found on information security and research firm sites such as TheCitizenLab out of Canada and the plethora of reports on OilRig / APT34 at using Mitre ATT&CK.


Treadstone 71 started tracking Mr.Tekide in the early days of Ashiyane as we did many of the members associated with this group and those registering for their forums.  Soon thereafter we identified Mr.Tekide yet held back the identity from almost all entities, until now.

Treadstone 71 Adversary Baseball Card

The Treadstone 71 Baseball Card is the first publically released. The content is detailed. The data may be surprising. The identity validated.

From Mr.Tekide:

I’m proud to have done projects that were done in the Ministry of Defense and I did not continue my software engineering courses, nor did I continue to work in the Ministry of Defense for my own reasons. Also, for the same reason, I was allowed to leave 10 years. I do not have a country and I do not want to stay in Iran! ….


Request for the Files

Should you wish to learn about Mr.Tekide, you will have to provide a valid business address at a minimum. We may still deny access since this is at our complete discretion. Send your business email with Name, Title, Company Name, and full business email using the form below with a brief justification.

Failure to provide any of the data removes consideration. Failure to provide a business address (i.e., non-Hotmail, Outlook, Yahoo, Gmail, Protonmail, mail, etc.) removes consideration.

Each request is addressed individually with files specifically marked for each approved requestor. Access time for pick up is clocked (i.e., expiration date/time) and pickup documented. Approval is not instantaneous and may take up to 24 hours for validation.


Copyright Treadstone 71 2016©








The card is now available at Treadstone 71

By Treadstone 71

@Treadstone71LLC Cognitive Warfare Training, Intelligence and Counterintelligence Tradecraft, Influence Operations, Cyber Operations, OSINT,OPSEC, Darknet, Deepweb, Clandestine Cyber HUMINT, customized training and analysis, cyber psyops, strategic intelligence, Open-Source Intelligence collection, analytic writing, structured analytic techniques, Target Adversary Research, strategic intelligence analysis, estimative intelligence, forecasting intelligence, warning intelligence, Disinformation detection, Analysis as a Service