The Iranian threat actor called Neptunium by Microsoft has been involved in the recent hacking operation targeting the satirical French magazine, Charlie Hebdo.
Microsoft’s Digital Threat Analysis Center (DTAC) shared the linking to the same group that has been identified by the US Department of Justice as “Emennet Pasargad” in the past.
In early January, the threat actor claimed that it had obtained the personal information of more than 200,000 Charlie Hebdo customers after gains access to a database. This information, obtained by the Iranian actor, could put the magazine’s subscribers at risk of online or physical targeting by extremist organizations.
The attack was conducted in retaliation for a cartoon contest by Charlie Hebdo aimed at “ridiculing” Iranian Supreme Leader Ali Khamenei. Microsoft said Neptunium advertised the trove of stolen data on YouTube and several dark web forums for 20 Bitcoin (roughly $340,000 at the time).
These include a hacktivist persona claiming credit for the cyber-attack, claims of successful website defacement, leaked private data online, inauthentic social media “sockpuppet” personas, the impersonation of authoritative sources and contacting news media organizations.
The US DoJ confirmed Microsoft’s new claims, saying Emennet poses a broader cybersecurity threat outside of information operations.