An Iranian nation-state group sanctioned by the U.S. authorities has been attributed to the hack of the French satirical journal Charlie Hebdo in early January 2023.
Microsoft, which disclosed particulars of the incident, is monitoring the exercise cluster underneath its chemical element-themed moniker NEPTUNIUM, which is an Iran-based firm referred to as Emennet Pasargad.
In January 2022, the U.S. Federal Bureau of Investigation (FBI) tied the state-backed cyber unit to a complicated affect marketing campaign carried out to intervene with the 2020 presidential elections. Two Iranian nationals have been accused for his or her position within the disinformation and menace marketing campaign.
Microsoft’s disclosure comes after a “hacktivist” group named Holy Souls (now recognized as NEPTUNIUM) claimed to be in possession of the non-public data of greater than 200,000 Charlie Hebdo prospects, together with their full names, phone numbers, and residential and electronic mail addresses.
The breach, which allowed NEPTUNIUM to achieve entry to an inner database, is suspected to have been orchestrated as a retaliation in opposition to the publication for conducting a cartoon contest “ridiculing” Iranian Supreme Chief Ali Khamenei.
The discharge of the total cache of stolen information might result in mass doxing, Redmond additional cautioned.
“After Holy Souls posted the pattern information on YouTube and a number of hacker boards, the leak was amplified by a concerted operation throughout a number of social media platforms,” the Home windows maker’s Digital Menace Evaluation Middle (DTAC) mentioned.
“This amplification effort made use of a selected set of affect techniques, methods, and procedures (TTPs) DTAC has witnessed earlier than in Iranian hack-and-leak affect operations.”
The factors of similarity embrace using false-flag personas to conduct their hack-and-leak operations, inauthentic sockpuppet accounts, and the impersonation of authoritative sources, corroborating an October 2022 advisory from the FBI.
The aim, the FBI assessed, is to “undermine public confidence within the safety of the sufferer’s community and information, in addition to embarrass sufferer corporations and focused international locations.”
“These hack-and-leak campaigns contain a mix of hacking / theft of knowledge and data operations that affect victims by way of monetary losses and reputational injury,” the company added.
