Iranian hackers that tampered with 2020 election could once again target U.S., FBI warns
An Iranian hacking group accused of attempting to interfere in the 2020 presidential election, and attacking an unnamed U.S. organization in early 2022, could once again be looking to infiltrate American targets, the FBI warned in a notice late Thursday.
The group identified as Emennet Pasargad has been using “false-flag campaigns under the guise of multiple personas” to target Israeli organizations in recent years and carry out hack-and-leak operations, the bureau said. The “FBI judges these techniques may be used to target US entities as seen during Emennet’s cyber-enabled information operation that targeted the 2020 US Presidential election.”
The warning comes as Iran faces dramatic internal protests raging for more than a month after the death of Mahsa Amini, who was detained by Iranian morality police over her public appearance, and subsequently died in police custody. Iranian leaders accuse the U.S. of using the crisis to destabilize the country, Reuters reported in September.
Thursday’s notice from the FBI included reference to “a destructive cyber attack against a U.S. organization” as evidence that “the group remains a cyber threat to the United States.”
The notice did not name the organization, but said the attack was a “means to target the Iranian opposition group The People’s Mujahedin (aka MEK).” That attack included the leaking of personally identifiable information and that the “activity resulted in destructive effects on victim infrastructure.”
The FBI on Friday declined to offer any additional detail related to this particular attack.
In late July, a hacktivist front group calling itself “Homeland Justice,” which researchers with Mandiant and then multiple governments have linked to Iran, attacked the government of Albania with destructive malware over its ongoing hosting of MEK members.
The government of Albania subsequently severed diplomatic ties with Iran over the affair, and the group continues to leak information stolen during the attack to its Telegram channel.
The Emennet Pasargad group has used at least…