Iranian forces behind Charlie Hebdo hack and leak operation

After French satirical magazine Charlie Hebdo launched a cartoon contest to ridicule Iran’s ruling clerics, state-backed Iranian cyber forces fought back with a hack-and-leak campaign designed to stoke fear over what they claimed was the theft of a massive subscriber database, according to Microsoft security researchers.

The FBI has accused the Iranian cyber operator Emennet Pasargad of influence operations that sought to interfere in the 2020 US presidential election, it said in a blog published Friday. Iran has stepped up false flag cyber operations in recent years as a tool to discredit its adversaries.

According to Microsoft’s Center for Digital Threat Analysis, the group called itself the “Holy Souls,” posed as hacktivists, and claimed to have obtained personal information about 200,000 Charlie Hebdo subscribers and purchasers in early January.

As evidence of the data theft, “Holy Souls” released a sample of 200 records containing Charlie Hebdo subscribers’ names, phone numbers, home and email addresses. The sample “may expose magazine subscribers to the danger of online or physical targeting” by extremists. The group then advertised a supposed full data cache for $340,000 on several dark websites.

Microsoft said it didn’t know if anyone had purchased the cache.

A spokeswoman for Charlie Hebdo said Friday that the paper does not comment on Microsoft’s investigation. Iran’s mission to the UN did not immediately respond to a request for comment on Friday.

The January 4th sample release coincided with the publication of Charlie Hebdo’s Comic Contest issue. Participants were asked to draw an aggressive caricature of Iran’s Supreme Leader Ayatollah Ali Khamenei.

French newspaper Le Monde has confirmed multiple victims of the leak from the sample, Microsoft said. Through the “Doll” account, the group tried to spread news of the hacking and leaking operation and to incite anger over the cartoon issue.

The operation coincided with a verbal attack by Tehran accusing Charlie Hebdo of “insulting”.

The magazine has a history of publishing vulgar cartoons that some Muslims consider an insult. Two French-born al-Qaeda extremists attacked the newspaper’s offices in 2015, killing 12 cartoonists. Charlie Hebdo has also been the target of other attacks over the years.

The magazine advertised the Khamenei caricature contest as a show of support for the nationwide anti-establishment protests that have rocked Iran since the mid-September death of Mahsa Amini, a 22-year-old woman detained by Iran’s morality police on suspicion of violating the country’s strict Islamic dress code.

After the caricature was published, Iran closed a decades-old French research institute. Last week it announced sanctions targeting more than 30 European individuals and entities, including three Charlie Hebdo executives. The sanctions, which allow property to be confiscated, are mostly symbolic.

According to the FBI, Emennet Pasargad created a relatively defamatory campaign to sabotage the 2020 US presidential election. The group obtained sensitive information about U.S. voters from at least one state election website and, masquerading as the Proud Boys group, sent threatening email messages to intimidate voters, the FBI says.

Emennet Pasargad has also conducted cyber operations since 2018 in the United States, Europe and the Middle East targeting news, shipping, airlines, oil, petrochemicals, finance and telecommunications, the FBI said. US newspaper chain Lee Enterprises was one of the suspected targets, according to the Council on Foreign Relations.

The group’s attacks since 2020 have primarily targeted Israel, according to the FBI. In some cases, destructive malware is used.