One of the challenges of the Computer Crimes Act is the ambiguity in the definition of cyber theft and cyber fraud and the difference between the two. The legislator has dedicated Chapter Three of the Computer Crimes Act to computer-related theft and fraud without specifying which of these two articles is dedicated to cyber theft and which of these two articles is dedicated to cyber fraud and what is the difference between the two, and this ambiguity has led to differences in the views of lawyers and judicial procedures. In addition, it has legal jurisprudential effects. This article addresses this question using a descriptive and analytical method and in a library manner, and ultimately concludes that the boundary between computer-related theft and computer-related fraud is not well-defined, and as a result, court procedures are different. This hypothesis was proven that if the issue is the theft of data that has no value, it is cyber theft, and if the issue is the theft of money, goods, benefits, services, or financial privileges through data modification, it is cyber fraud. Of course, this legal establishment of the legislator has no proportion to the definition and conditions of traditional theft and fraud, and is considered a new legal establishment that does not comply with the Iranian criminal law system and causes problems. Among them, an act that is considered theft from a jurisprudential perspective and can be subject to the hadd penalty despite the conditions is excluded from the subject of theft and, as a result, will not be subject to the hadd penalty for theft, which is contrary to jurisprudential standards.