Microsoft attributes Charlie Hebdo hack to Iranian group

Microsoft’s Digital Threat Analysis Center (DTAC) attributes the Jan. 4 cyberattack on Charlie Hebdo to an “Iranian statesman,” the tech giant says on its website. Nicknamed “Neptunium” by Microsoft, the entity “has been identified by the US Department of Justice as Emennet Pasargad,” an Iranian cybersecurity company identified in several United States election interference operations.

In its January 4 issue, the satirical newspaper published the results of a major cartoon contest openly ridiculing Iran’s supreme leader Khamenei and the mullahs’ regime in the aftermath of mass demonstrations for women’s rights in Iran. The hack comes almost eight years after an Islamist terrorist attack on the satirical newspaper that destroyed its editorial office.

“In early January, a new online group calling itself The Holy Souls, which we can now identify as Neptunium, claimed to have obtained the personal information of more than 200,000 Charlie Hebdo customers after gaining access to the database,” reads a message from Clint Watts, managing director of the Digital Threat Analysis Center.

Holy Souls notably released a sample of this data, which included the names, phone numbers, personal addresses, and email addresses of newspaper subscribers or online shoppers. Le Monde was able to verify the authenticity of the information in question with the victims. “This information, obtained by an Iranian actor, could expose magazine subscribers to online or physical harassment by extremist organizations,” Microsoft warns.

Operating methods “typical of Iranian state-sponsored operations”.

On hacker forums, Holy Souls offered to sell a cache of this data for 20 bitcoins – approximately $340,000 at the time, or 313,000 euros. The hackers posted some of that data on YouTube and several hacker forums before several bogus social media profiles shared leaked footage and messages such as “Holy spirits unmasked Charlie’s face weekly,” according to Le Monde.

For Microsoft, the connection to the Ali Khamenei cartoon contest is clear. “We believe this attack is the Iranian government’s response to a cartoon contest organized by Charlie Hebdo,” writes Clint Watts. The methods of operation are said to be “typical of operations sponsored by the Iranian state”. During the 2022 FIFA World Cup, the FBI attributed the same methods to hackers close to Iran against an Israeli sports website. The American Foreign Relations Analytical Council also notes on its website that the suspected Iranian company Emennet Pasargad has already “attacked voting sites, news sites and spread disinformation to ‘weaken confidence in the American electoral system.’”

The goal, according to the FBI, is “to undermine public confidence in the security of the victim’s network and data, and to embarrass the victim’s businesses and target countries.” In April 2022, the Iran-linked group Hackers of Savior claimed to have breached major Israeli databases and issued a message: “Don’t trust your governments.”
