AP

Microsoft: Iran unit behind Charlie Hebdo hack-and-leak op

Feb 3, 2023, 8:12 AM | Updated: Feb 6, 2023, 12:08 pm

After the French satirical magazine Charlie Hebdo launched a cartoon contest to mock Iran’s ruling cleric, a state-backed Iranian cyber unit struck back with a hack-and-leak campaign that was designed to provoke fear with the claimed pilfering of a big subscriber database, Microsoft security researchers say.

The FBI blames the same Iranian cyber operators, Emennet Pasargad, for an influence operation that sought to interfere in the 2020 U.S. presidential election, the tech giant said in a blog published Friday. Iran has in recent years stepped up false-flag cyber operations as a tool for discrediting foes.

Calling itself “Holy Souls” and posing as hacktivists, the group claimed in early January to have obtained personal information on 200,000 subscribers and Charlie Hebdo merchandise buyers, according to Microsoft’s Digital Threat Analysis Center.

As proof of the data theft, “Holy Souls” released a 200-record sample with names, phone numbers and home and email addresses of Charlie Hebdo subscribers that “could put the magazine’s subscribers at risk for online or physical targeting” by extremists. The group then advertised the supposed complete data cache on several dark web sites for $340,000.

Microsoft said it did not know whether anyone purchased the cache.

A representative for Charlie Hebdo said Friday that the newspaper would not comment on the Microsoft research. Iran’s mission to the United Nations did not immediately respond to a request for comment Friday.

The Jan. 4 sample release coincided with the publication of Charlie Hebdo’s cartoon contest issue. Entrants were asked to draw offensive caricatures of Iran’s supreme leader, Ayatollah Ali Khamenei.

The French newspaper Le Monde verified multiple victims of the leak from the sample, Microsoft said. The Iranian cyber operators sought to boost news of the hack-and-leak operation — and fuel outrage at the cartoon edition — through fake French “sock-puppet” accounts on social media platforms that included Twitter, Microsoft said.

The operation coincided with verbal attacks by Tehran condemning Charlie Hebdo’s “insult.”

The provocatively irreverent magazine has a long history of publishing vulgar cartoons which critics consider deeply insulting to Muslims. Two French-born al-Qaida extremists attacked the newspaper’s office in 2015, killing 12 cartoonists, and it Charlie Hebdo has been the target of other attacks over the years.

The magazine billed the Khamenei caricature contest as a show of support for nationwide antigovernment protests that have convulsed Iran since the mid-September death of Mahsa Amini, a 22-year-old woman detained by Iran’s morality police for allegedly violating the country’s strict Islamic dress code.

After the cartoon issue was published, Iran shut down a decades-old French research institute. Last week, it announced sanctions targeting more than 30 European individuals and entities, including three senior Charlie Hebdo staffers. The sanctions are largely symbolic as they bar travel to Iran and allow its authorities to block bank accounts and confiscate property in Iran.

According to the FBI, Emennet Pasargad authored what amounted to a relatively ham-fisted campaign to interfere with the 2020 U.S. presidential election. The group obtained confidential U.S. voter information from at least one state election website and sent threatening email messages to intimidate voters posing as the far-right group Proud Boys, the FBI says.

Emennet Pasargad has also, since 2018, conducted cyber-operations targeting news, shipping, airlines, oil and petrochemical, financial, and telecommunications, in the U.S., Europe, and the Middle East, the FBI says. The U.S. newspaper chain Lee Enterprises was among the suspected targets, according to the Council on Foreign Relations.

The group’s attacks since 2020 have primarily targeted Israel, the FBI says. They follow a pattern of intrusion, theft, data leak and then amplification through social media and online forums. In some cases destructive malware has been used.

Copyright © The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

AP

The U.S. Supreme Court is seen, Thursday, Feb. 8, 2024, in Washington. The U.S. Supreme Court has h...

Associated Press

Supreme Court decision on Trump’s election status could come Monday morning

A SCOTUS decision could come Monday in the case about whether Trump can be kicked off the ballot over his efforts to undo his 2020 defeat.

21 hours ago

Republican presidential candidate former UN Ambassador Nikki Haley poses for a selfie after speakin...

Associated Press

Nikki Haley wins D.C. Republican primary, her first 2024 victory

Nikki Haley has won the Republican primary in the District of Columbia, notching her first victory of the 2024 campaign.

21 hours ago

An Apache group that has fought to protect land it considers sacred from a copper mining project in...

Associated Press

A US appeals court ruling could allow mine development in central Arizona on land sacred to Apaches

An Apache group that has fought to protect land from a copper mining project in central Arizona suffered a significant blow.

1 day ago

On Friday, March 1, 2024, the U.S. Food and Drug Administration said yogurt sold in the U.S. can ma...

Associated Press

Eating yogurt may reduce risk of type 2 diabetes, FDA says

Eating at least two cups of yogurt a week might reduce the risk of type 2 diabetes, the U.S. Food and Drug Administration said.

1 day ago

Arizona will not approve new housing construction on the fast-growing edges of metro Phoenix that r...

Associated Press

Arizona Senate passes plan to manage rural groundwater, but final success is uncertain

A plan to manage rural groundwater passed the Arizona Senate amid concerns about the availability of sufficient water for future generations.

3 days ago

A woman pauses while shopping at a Kohl's store in Clifton, N.J., Jan. 26, 2024. On Thursday, Feb. ...

Associated Press

Federal Reserve’s preferred inflation gauge picked up last month in sign of still-elevated prices

An inflation gauge favored by the Federal Reserve increased in January, the latest sign that the slowdown in U.S. consumer price increases is occurring unevenly from month to month.

4 days ago

Sponsored Articles

...

Collins Comfort Masters

Avoid a potential emergency and get your home’s heating and furnace safety checked

With the weather getting colder throughout the Valley, the best time to make sure your heating is all up to date is now. 

...

Day & Night Air Conditioning, Heating and Plumbing

Valley residents should be mindful of plumbing ahead of holidays

With Halloween in the rear-view and more holidays coming up, Day & Night recommends that Valley residents prepare accordingly.

...

Canvas Annuity

Interest rates may have peaked. Should you buy a CD, high-yield savings account, or a fixed annuity?

Interest rates are the highest they’ve been in decades, and it looks like the Fed has paused hikes. This may be the best time to lock in rates for long-term, low-risk financial products like fixed annuities.

Microsoft: Iran unit behind Charlie Hebdo hack-and-leak op