04 Feb 2023; MEMO: An Iranian government-backed hacking team allegedly stole and leaked private customer data belonging to French satirical magazine, Charlie Hebdo, security researchers at Microsoft said on Friday, Reuters reports.
The magazine was hacked in early January after it published a series of cartoons that negatively depicted Iran's Supreme Leader, Ayatollah Khamenei. The caricatures were part of a media campaign that Charlie Hebdo said was intended to support anti-government protests in the Islamic nation.
Representatives for the Iranian and French governments did not immediately respond to requests for comment. A press officer for Charlie Hebdo said the magazine had no comment on the matter "for the moment". Iran publicly vowed an "effective response" to the "insulting" cartoons, and summoned the French envoy in Tehran, while also ending activities of the French Institute of Research in Iran and saying it was re-evaluating France's cultural activities in the country.
READ: French naval forces seize Iran arms shipment to Yemen
The hack-and-leak targeting Charlie Hebdo was part of a wider digital influence operation with techniques matching previously identified activity linked to Iranian state-backed hacking teams, Microsoft researchers said in a report. The group responsible is the same one that US Department of Justice officials earlier identified as having conducted a "multi-faceted campaign" to interfere in the 2020 US presidential election, Microsoft said. Iran denied the claims at the time.
Amid Iran's criticism of the Khamenei cartoons, a group of hackers calling itself "Holy Souls" posted on an online forum that they had access to the names and contact details of more than 200,000 Charlie Hebdo subscribers. In their post, they said they would sell the information for 20 bitcoins ($470,000).
A sample of the leaked data was later released and verified as authentic by the French newspaper, Le Monde.
"This information, obtained by the Iranian actor, could put the magazine's subscribers at risk for online or physical targeting by extremist organisations," the Microsoft researchers said.
To amplify their operation, the Iranian hackers used Twitter accounts with fake or stolen identities to criticise the Khamenei cartoons. Two accounts impersonating a Charlie Hebdo editor and a technology executive also posted the leaked data before Twitter banned them, Microsoft said.