An Iranian threat actor called Neptunium has been linked by Microsoft to a recent hacking campaign targeting the satirical French magazine Charlie Hebdo.
Microsoft’s Digital Threat Analysis Center (DTAC) shared its findings in a blog post last Friday, suggesting that Neptunium may be the same group previously identified by the U.S. Department of Justice (DoJ) as “Emennet Pasargad.”
“In early January, a previously unheard-of online group, ‘Holy Souls’ (now identifiable as Neptunium), claimed that it had obtained the personal information of more than 200,000 Charlie Hebdo customers after ‘gain[ing] access to a database’,” reads the blog post.
“This information obtained by the Iranian actor could put magazine subscribers at risk of online or physical targeting by extremist groups.”
Security experts said the attack was in retaliation for a caricature contest by Charlie Hebdo aimed at “mocking” Iran’s Supreme Leader Ali Khamenei.
According to Microsoft, Neptunium advertised its cache of stolen data on YouTube and several dark web forums for 20 Bitcoins (approximately $340,000 at the time).
“The attack has some similar elements to previous attacks carried out by Iranian nation-state actors,” reads the Microsoft post by Clint Watts, General Manager of DTAC.
These include hacktivist personas claiming credit for cyberattacks, successful website defacements, online personal data breaches, deceptive social media “sockpuppet” personas, spoofing trusted sources, and contacting news media organizations.
Writing in an advisory last year, the U.S. Department of Justice confirmed Microsoft’s new allegations, saying Emennet poses a wide range of cybersecurity threats beyond information manipulation.
“Since 2018, Emennet has conducted traditional cyberattack campaigns targeting several sectors, including news, shipping, travel (hotels and airlines), petroleum and petrochemicals, finance, and telecommunications, in the United States, Europe, and the Middle East.”
Both Microsoft’s and the DoJ’s advisories contain recommendations to help system administrators protect their networks from Neptunium attacks.
The news comes days after the Iranian threat actor Cobalt Sapling was discovered targeting Saudi Arabia with a new persona called “Abraham’s Ax”.