IRGC websites under attack
On the 7th October the US Federal Bureau of Investigation (FBI) blocked 92 domains that it claimed the IRGC used to spread false news in order to interfere in the US presidential election. The FBI did not provide a list of the banned websites or did not name the people who own these domains. However the FBI said that the websites claim to be news agencies but are really used to spread the values of the IRGC. Some internet investigators have identified the banned websites and named them as domains of the International Union of Virtual Media (IUVM) network.
About one month before the FBI identify these websites, a group of Iraqi hackers called the Eagles of Mesopotamia attacked many websites that they claimed are owned by IRGC and being used for propaganda. Many of these websites are the same as the FBI identified but there are also some different domains. It is not clear if the FBI used the information from the hacking group attacks in planning their own actions.
Some of the websites that the Eagles of Mesopotamia attacked were taken down completely but this group also defaced some websites with messages and the usernames for their social media accounts. The websites that the group hacked include ahtribune.com and ssweekly.ir and the group has also taken control of the iuvmonline.com website. On the Twitter accounts (@eaglesofmesopo1 and @iraqh4cks) the Eagles of Mesopotamia show the list of websites that they hacked and the list of officers that they say are in the propaganda network.
In the website defacement messages and the Tweets the group say that they made the attacks because of their anger at the interference of the foreign powers in Iraq, with most of the anger at Iran. Some of the messages are more hostile with aggressive language towards the martyr General Qasem Soleimani and his legacy that is left in Iraq.
The number of websites attacked by the Eagles of Mesopotamia show that they are a skilled group of hackers. At this time the attacks are only against websites that are used to spread news outside of the Iran borders and for this reason has not caused harm to Iranians. We warn the hacking group not to attack the websites or the infrastructure that would harm the people of Iran or they will receive a more aggressive response from the Iranian cyber community!
At a time after the FBI blocked the domains on the 7th October, Twitter also took down 130 accounts that the FBI said are Iranian accounts that are used to also interfere in the US presidential election. Twitter said that the accounts that it removed were not very popular accounts and so the tweets of these accounts did not reach many other accounts.