How ‘Anonymous’ and other hacker groups are helping protests in Iran

An Internet user claiming to be affiliated with Anonymous said that the Iranian assembly had been hacked.


Anonymous and other global hacking groups are engaged in a multi-pronged cyberattack against Iran, joining the fight with protesters on the ground in resistance to the country’s strict hijab laws.

Thousands of amateur hackers have organized online to orchestrate cyberattacks against Iranian officials and institutions, as well as to share tips on how to get around restrictions on Internet access by using privacy-enhancing tools.

Internet access in Iran has been extremely limited in recent weeks after protests erupted over the death of Mahsa Amini, a 22-year-old Iranian Kurdish woman.

Amini died in a Tehran hospital under suspicious circumstances on September 16 after being detained by Iran’s so-called “morality police” for allegedly violating the country’s strict Islamic dress code by wearing her hijab too loosely.

Eyewitnesses claim that Amini was beaten by the police. Iranian authorities have denied any wrongdoing and say Amini died of a heart attack.

Iran’s Foreign Ministry did not respond to a CNBC request for comment. On Monday, Iran’s Supreme Leader Ayatollah Ali Khamenei made his first public comments on the protests, endorsing the police and blaming the unrest on “foreign interference” by the United States and Israel.

Doxing and DDoS attacks

On September 25, Anonymous, the international hacktivist collective, claimed to have broken into the Iranian Parliament database, obtaining personal information from lawmakers.

A YouTube account purporting to be affiliated with the group said the Iranian assembly had been hacked.

“The Iranian parliament supports the dictator when it should support the people, so we are releasing the personal information of all of them,” they said, their voices altered in typical cyber-gang fashion.

On the Telegram messaging app, Atlas Intelligence Group, another hacking group, says it has leaked phone numbers and email addresses of Iranian officials and celebrities, a tactic known as “doxing.”

The group also offered to sell apparent location data from the Islamic Revolutionary Guard Corps, a branch of Iran’s armed forces, according to Check Point, which has been documenting the efforts of hacktivists in Iran.

Anonymous-affiliated groups say they also published data allegedly coming from various government services, ministries and agencies, as well as a university, and claimed responsibility for attacks on the Iranian presidency, the central bank and state media.

While it is difficult to verify the hackers’ claims, cybersecurity experts said they have seen numerous signs of disruption in Iran by vigilante hackers.

“We have seen some indications of government websites being taken offline by hackers,” Liad Mizrachi, a security expert at Check Point Research, told CNBC. “Predominantly, we’ve seen this done through Distributed Denial of Service (DDoS) attacks.”

In a DDoS attack, hackers overload a website with large amounts of traffic to make it inaccessible.

“Mandiant can confirm that several of the services claimed to have been disrupted have been offline at various times and, in some cases, remain unavailable,” Emiel Haeghebaert, a threat intelligence analyst at Mandiant, told CNBC.

“Overall, these DDoS and doxing operations may increase pressure on the Iranian government to seek policy changes,” he said.

Regarding Anonymous’s involvement, Haeghebaert noted that it was “consistent with activity” previously credited to the organization’s affiliates. Earlier this year, Anonymous launched a series of cyberattacks against Russian entities in response to Moscow’s unprovoked invasion of Ukraine.

Bypass internet restrictions

Hacking groups are encouraging Iranian citizens to bypass Tehran’s internet blockade by using VPNs (virtual private networks), proxy servers and the dark web, techniques that allow users to mask their identity online so that Internet Service Providers (ISPs) cannot track them.

On the Telegram messaging app, a group with 5,000 members is sharing details about open VPN servers to help citizens bypass Tehran’s internet blockade, according to cybersecurity firm Check Point, which has been documenting the hacktivists’ efforts in Iran.

A separate group, with 4,000 members, distributes links to educational resources on the use of proxy servers, which funnel traffic through an ever-changing volunteer-run community of computers to make it harder for regimes to restrict access.

As dissent in the Islamic Republic grew, the government moved quickly to speed up internet connectivity and block access to social media services such as WhatsApp and Instagram, in an apparent effort to prevent images of police brutality from being shared online.

At least 154 people have been killed in the Iranian government crackdown as of Sunday, according to the independent, non-governmental Iran Human Rights Group. The government has reported 41 deaths.

The web security firm Cloudflare and the Internet monitoring group NetBlocks have documented multiple examples of disruptions to telecommunications networks in Iran.

“It has been really difficult to stay in contact with friends and family outside of Iran. The internet is messy here, so sometimes we can’t communicate for days,” a young professional in Tehran told CNBC via Instagram message, requesting anonymity out of fear for his safety.

“I have limited access to Instagram, so I use it at the moment” to contact people, he said, adding that he and his friends rely on VPNs to access social media platforms.

It is believed to be one of the worst internet blackouts in Iran since November 2019, when the government restricted citizens’ access to the web amid widespread protests over rising fuel prices.

“THE INTERNET IS CLOSED TO HIDE THE MURDER. BE OUR VOICE,” read several videos and posts widely shared by Iranian activists on social media, along with images of street protests and police violence.

Digital freedom activists are also trying to teach Iranians how to access the Tor browser, which allows users to connect to regular websites anonymously so their ISPs can’t know what they’re browsing. Tor is often used to access the “dark web”, a hidden part of the Internet that can only be accessed using special software.

“This is not the first time we have seen actors involved in Iranian affairs,” Amin Hasbini, director of global research and analysis at cybersecurity firm Kaspersky, told CNBC.

Lab Dookhtegan, an anti-Iran hacking group, is known to have leaked data allegedly pertaining to Iranian cyber espionage operations on Telegram, for example. A Check Point report from last year detailed how Iranian hacking groups targeted dissidents with malware to keep tabs on them.

Source: news.google.com