A breathtaking cyber-week for the Islamic Republic

On June 2nd, social media users and Persian news agencies faced unbelievable news: a cyberattack against the Tehran municipality and its city cameras, as well as the police’s traffic control cameras.

Two days before the anniversary of Khomeini’s death, some suggested that the cyberattacks were aimed at interfering with Khomeini’s ceremony, as Khamenei was supposed to give a speech at Khomeini’s “Shrine”. One of the targeted surveillance systems was the Khomeini shrine’s cameras, which were attacked by a hacker group that claimed to be a MEK-backed group.

During the first attack by the mentioned hacker group on the IRIB (Islamic Republic of Iran Broadcasting, the state-owned TV and radio complex), the Mujahedeen E Khalgh (MEK) group denied any contact with the hacker group, but during the second attack, they officially confirmed that the group was backed by them. In my humble opinion, I don’t really think that MEK is directly behind the cyber attacks; what I suspect is that the hacker group is using MEK’s name to deliver a message to the Iranian regime and make them furious!

Getting back to the attacks on Tehran municipality

During this attack, over 5,000 surveillance, intelligence and police cameras were disabled. Most of the Tehran municipality’s systems were disabled, and in some cities, including Tehran and Mashhad, people were unable to purchase or top up their bus/subway tickets and were forced to use cash.

The cyberattacks were so harsh that they forced the IRIB to send a reporter to the police’s traffic control room and show a few active traffic cameras in order to convince the audience that the police surveillance systems were untouched!

Judging by the previous hacks of the mentioned hacker group, we know that this is not a simple wave of attacks. During the attack on IRIB, and after interrupting the internet live broadcast, they left “wiper malware” on IRIB’s systems in order to wipe the data that the hacker group wanted removed from IRIB systems!

https://research.checkpoint.com/2022/evilplayout-attack-against-irans-state-broadcaster/

According to some reports, the Tehran mayor has ordered all personnel not to turn their computers on until a specified date.

On the other hand, social media users noticed and reported that the main website of the Tehran municipality had no backups, so the tech team had to restore the website from archive[.]org snapshots!

https://t.me/s/MiladNouriChannel/596

You may think that you’re reading a screenplay, but the story doesn’t end here! On June 2nd, during the cyber strikes, when all eyes were on Khomeini’s shrine, over 160 safe boxes were robbed in the “Daneshgah branch” of Bank Melli Iran. It is worth mentioning that this branch is in central Tehran and is 20 minutes away from the Iranian parliament (Majlis)!

According to the Bank Melli authorities, “The bank was running the 8-layers protocol and it took the robbers around 14 hours to perform their heist and leave the bank, which shows that alarm system, police-certified locks and additional locks. Our employees have activated the automated-call alarm system, 40cm thick vault door, alarm systems, IPTV/CCTV and facial recognition system.”

A noteworthy point about this robbery is that the thieves also stole the CCTV recording hardware and, furthermore, LOCKED THE DOORS after leaving the branch!

On June 3rd, more shocking news was published! Let’s go back a little bit first! When the former PM of Israel, Benjamin Netanyahu, announced that their agents had successfully taken the Iranian nuclear documents from the Turquzabad site (Tehran) to Israel, the Iranian authorities denied the whole claim and stated that the mentioned “site” was a carpet-cleaning factory; the Iranian FM even mocked Netanyahu and Israel! Finally, they admitted that the “Iranian nuclear documents were stolen”!

Now back to June 3rd: social media users and news agencies reported that the passport control portal at the Imam Khomeini international airport (IKA) was out of service from 23:00 to 4:00, so the passport police had to inspect international passengers’ passports and stamp them for leaving the country without registering the departure on the police’s system.

https://twitter.com/fenzack_/status/1532849490201305088

Our sources informed us that the passport system of the IKA was shut down due to cyber attacks!

Iranian authorities have recently announced that the Bank Melli robbers, including two of them who fled the country, were arrested by the Iranian police and Interpol. Yet this claim remains unproven, as the only evidence was a video, premiered by IRIB, showing 10 men, in order to convince the audience and the Iranian people that the arrested men were the Bank Melli robbers.

Judging by the recent incidents in Iran, a lot of individuals believe that the mentioned robbery was planned and conducted by Israel and all of the mentioned events were simply a part of a bigger robbery plan!

I’m building a news team regarding Iran’s cyber incidents! In case you’re able to help my team, you may donate through the mentioned methods:

BTC:
3JRfnhJj8fXwYi1xR3pLJe4raECmSzpR6B /Expired.
Ethereum (ERC-20): 0x03676136dac9d66bf7dc56308e33fef6b9e97e43
Tether TRC-20:
TByaY7fGN4dTCEQpnsW8o1aFhid41WMiB5

Written by Nariman Gharib - نریمان غریب

Britain-based Iranian Activist - Cyber Espionage Investigator
