FBI warns of Iranian threat group's activity.
Oct 24, 2022

The FBI has issued a warning about Iranian hacker group Emennet Pasargad, which attempted to interfere with the 2020 US election.

The FBI has warned enterprises that Emennet Pasargad, a hacker group with ties to the Iranian government that tried to interfere in the 2020 election, is currently active.

Election interference attempt.

NBC News reports that the FBI announced in October 2020 that Iran was behind a significant attempt to influence the 2020 US presidential election. Registered Democrats in Florida received threatening emails, signed by the “Proud Boys,” telling them to become Republicans. Gov Info Security reports that at the time of the 2020 election, the group was known as “Eeleyanet Gostar.”

Attack methodology.

Decipher reports that the FBI says the group uses “network intrusions along with information operations and fake personas that exaggerate and amplify the group’s operations.” The group has also been seen exploiting CVE-2021-44228, or Log4Shell, to get into a US organization’s server, Gov Info Security reports. The threat actors use open-source penetration testing tools and look for vulnerabilities in content management systems. The group prefers websites running PHP code or those with externally accessible MySQL databases.

Reward offered.

The State Department announced a reward of up to $10 million for information about members of Emennet Pasargad. This follows a $10 million reward that was announced for information about group operators Seyyed Mohammad Hosein Musa Kazemi and Sajjad Kashian, The Record by Recorded Future reports. The two men are also on the FBI’s cyber most wanted list.