The hack of the French satirical magazine Charlie Hebdo in early January 2023 has been attributed to the Iranian nation-state group, which is being sanctioned by the US government.
Microsoft, which has revealed details of the incident, is tracking activity clusters with chemical element-themed names Neptunean Iran-based company known as Emennet Pasargad.
In January 2022, the U.S. Federal Bureau of Investigation (FBI) linked state-backed cyber units to a sophisticated influence campaign run to disrupt the 2020 presidential election. Two Iranian citizens have been accused of being involved in a disinformation and intimidation campaign.
Microsoft’s disclosure revealed that a group of “hacktivists” named Holy Souls (now identified as NEPTUNIUM) possessed the personal information of over 200,000 Charlie Hebdo customers, including their names, phone numbers, home and email addresses. It was done after claiming that
The breach, which gave NEPTUNIUM access to its internal database, was allegedly orchestrated as retaliation for the publication’s holding of a cartoon contest to “mock” Iran’s supreme leader, Ayatollah Ali Khamenei. I’m here.
Redmond further warns that exposing the full cache of stolen data could lead to massive doxxing.
“After Holy Souls posted sample data on YouTube and multiple hacker forums, the leak was amplified by collaboration on several social media platforms,” said the Windows maker’s Digital Threat Analysis Center (DTAC). increase.
“This expansion effort draws on a specific set of impact tactics, techniques, and procedures (TTPs) that DTAC has previously witnessed in Iran’s hack and leak impact operations.”
Similarities include using false flag personas to perform hack-and-leak operations, fake sockpuppet accounts, and impersonation of authoritative sources, corroborating the October 2022 FBI recommendations. I’m here.
The purpose, as assessed by the FBI, is to “undermine public confidence in the security of the victim’s network and data and embarrass the victim’s business and the targeted country.”
“These hack-and-leak campaigns involve a combination of hacking/data theft and information manipulation, impacting victims through financial loss and reputational damage,” the agency added. rice field.
