Iranian Hacking Group MuddyWater Targets Turkish Users
An Iranian hacking group with links to the Intelligence Ministry has attacked high-profile targets in Turkey.
An Iranian hacking group with links to the Intelligence Ministry has attacked high-profile targets in Turkey.
According to a report by tech news website ZDNet on Tuesday, the Iranian advanced persistent threat (APT) group MuddyWater has penetrated the Turkish health and interior ministries as well as private companies to gain access to customer data.
An APT is a stealthy threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period.
Researchers at Cisco Talos Intelligence Group -- one of the world’s largest commercial threat intelligence teams -- said last week that the latest MuddyWater campaign dates to November 2021, when they sent phishing emails to many Turkish users.
The emails were spoofed to look they’re from the health and interior ministries and utilized malicious PDFs and Microsoft Office documents as an initial attack vector.
Since at least 2017, MuddyWater -- also known as Mercury or Static Kitten -- carried out attacks against organizations in the US, Israel, Europe, and the Middle East, including a months-long effort to breach government networks in Turkey, Jordan and Iraq.
Earlier in January, the US military officially confirmed that Iran's intelligence ministry is connected to the cyber espionage group.
Earlier on Tuesday, the US State Department announced up to $10 million reward on two Iranian cyber actors for trying to interfere with the 2020 presidential election.
Israeli Defence Minister Benny Gantz began a visit to Bahrain on Wednesday amid heightened tensions in the Gulf after missile attacks on the United Arab Emirates by Yemen's Iran-backed Houthi movement.
Announcing Gantz's trip only after his arrival in Manama, Israel's Defense Ministry said he would sign a security cooperation agreement with Bahrain, which along with the UAE normalized relations with Israel in 2020.
The United Arab Emirates on Monday intercepted a missile during a visit by Israel's president, the third such attack in two weeks claimed by the Houthis.
In disclosing Gantz's official visit, the Israeli defense ministry made no mention of the Houthi attacks nor gave details of what a security accord with Bahrain would include.
Israel this week is taking part in a large Middle East naval exercise for the first time publicly joining Saudi Arabia and Oman, two counties it has no diplomatic relations with.
Gantz flew to Bahrain on an Israeli air force transport plane. It was the first time an Israeli defense chief had visited the Gulf nation or that an Israeli military aircraft had landed there.
"Honored to be here and looking forward to meeting the Kingdom's leaders," Gantz wrote on Twitter.
The US-brokered Abraham Accords signed by Bahrain, the UAE and Israel built on common commercial interests and worries about Iran.
The Omicron variant of Covid-19 is sweeping through Iran while authorities haven’t decided on possible restrictive measures yet.
Health Minister Bahram Eynollahi said on Wednesday that some of the proposals about nationwide lockdowns by the ministry are not approved by the country’s Covid-19 taskforce despite the increasing rate of infections and hospitalizations.
Eynollahi said when the contagion reaches a peak, patchy quarantine or isolation of cases will be ineffective, calling for a total lockdown.
The authorities’ hesitation to announce nationwide shutdowns may be attributed to the government plans to hold celebrations, including nationwide rallies to mark the anniversary of the 1979 revolution.
This would not the first time the Islamic Republic prioritizing official events over the health and safety of people. There were media allegations that authorities played down the threat from Covid back in early 2020 so as not to deter voting in the parliament election.
Last Thursday, the health minister announced the start of the sixth wave of the coronavirus pandemic as hospitals reported an increasing number of referrals related to the highly infectious Omicron variant.
According to latest reports, over 40 cities are designated as “red zones”, which means hotspots with the highest number of cases, while the daily verified cases on Wednesday were over 38,000.
Iran’s oil export income grew by 494 percent in the first 5 months of the Raisi administration, Fars news agency affiliated with the Revolutionary Guard reported Tuesday.
The report is an attempt to shed a positive light on the embattled hardliner government, covering a range of budgetary and other economic indicators, but the claim about more oil exports is not too far from other estimates showing weakness in enforcing United States sanctions.
Fars said that from mid-August when Ebrahim Raisi took office until mid-January, Iran sold about $2.8 billion of oil and related products, while in the last four months of the previous administration oil exports totaled just $500 million. (The report mentions the figures in rials, and we converted the amounts using an average exchange rate of $1=250,000 rials.)
The Raisi administration and its political allies almost on daily basis try to show that his government has a far better record in economic performance, including circumventing Unites States’ sanctions.
Putting the two figures together, Iran is still far behind in meeting its budget estimate from oil revenues. The roughly $3.3 billion dollars accrued since the beginning of the Iranian fiscal year on March 21, 2021, constitutes less around 30 percent of the budget projection for oil sales in this fiscal year. Iran’s original projection was to export around $15 billion in this period.
Current estimates of oil sales vary widely, ranging from 650,000 to more than one million barrels a day, with China boosting its imports in the final months of last year. However, Iran sells it oil with a big discount, according to its own officials, but both the true volume of exported oil and its price remain a secret.
The $3.3 billion reported by Fars for total oil exports since August seems low, even if we take the lower estimated exports by the discounted price of $50 per barrel, Iran should have made close to $5 billion in five months. Therefore, there are three possibilities: The figures mentioned by Fars are wrong; the estimate of 650 barrels per day is too high; or Iran is offering buyers much steeper discounts.
Fars claims that its report is based on information collected from official sources.
The report also claims that borrowing from the central bank declined by 30 percent since raisi assumed office, but this assertion amounts to an accounting gimmick.
The government sold about $5.4 billion of “Islamic Bonds”, which is another term for indirect borrowing from the central bank. A large enough private capital market to digest billions of dollars in government bonds simply does not exist in a country which has had around $60 billion in capital flight since 2018. The bonds are simply sold to government-owned banks, which have their own liquidity problems and have to borrow from the central bank, which in turn prints money.
Officials and media have been warning about the huge increase in liquidity since 2017 and this is the secret to government’s financing amid US sanctions. But as more money gets printed, inflation skyrockets and the national currency’s exchange rate drops. One US dollar now buys eight times more rials than it did in 2017.
An Iranian official says the Islamic Republic is losing the lucrative Iraqi energy market to Saudi Arabia.
Hamid-Reza Salehi, a member of Iran’s Chamber of Commerce, told ILNA on Wednesday that the reason Iran is losing the $20 to $30 billion market is the government’s views about the private sector.
He added the administration wants to keep the electricity exports to Iraq at a minimum level because it cannot get its money due to sanctions, noting that Saudi Arabia and Egypt are replacing Iran there.
Salehi said that if the government had the right approach about the private sector, it would use its blocked assets in Iraq to help private companies expand their activities there.
Saudi Arabia and Iraq signed a memorandumof understanding on January 25 to connect their electricity grids, which can supply much-needed power to Iraq.
Baghdad relies heavily on Iranian electricity imports, while in addition, one third of its electricity comes from thermal power plants which use Iranian natural gas. However, during the last few years, Iran has always cut gas exports in winters and curbs electricity deliveries in summers due to its own domestic shortages.
Moreover, Egypt -- that produces an electricity surplus estimated at between 26 and 38,000 megawatts according to Sky News Arabia -- agreed in July 2021 to supply 700 megawatts of electricity to Iraq through expanding its power interconnection with Jordan.
Discontent in Iran has tripled in a year according to what hackers say are the "top secret" minutes of a Revolutionary Guards (IRGC) taskforce meeting.
Radio Farda, a United States-funded station and based in the Czech Republic, reported Tuesday it had been given the “highly confidential” document by the ‘Edalat-e Ali’ group and published an account, the day after the group hacked live streaming on the website of Iranian state television.
Edalat-e Ali released the document on Twitter Wednesday, saying the minutes were from a November meeting of IRGC's ‘Livelihood-Based Security Crises Prevention Taskforce.’ They record an intelligence official, whose surname is given as Mohammadi, citing a survey that social discontent had increased by 300 percent in the previous year. "The society is boiling over and may explode,” the official reportedly said.
The hackers said the meeting took place at the IRGC Sarallah Headquarters, responsible for the security of Tehran, on November 21 with representatives of various bodies including the Tehran Prosecutor's Office, the intelligence ministry, police, and IRGC intelligence.
The minutes recorded Mohammadi saying that "several shocks” − including a fall in the stock market prices – had led Iranians to doubt the ability of President Ebrahim Raisi's government, which took office in August, to improve the situation and warned that protests were taking place over high inflation, delays in paying wages, and water shortage.
A police officer, ‘Colonel Kaviani,’ said that since the beginning of the Iranian calendar year on March 21 there had been a year-on-year increase of 48 percent in protest rallies with a 98 percent increase in participants, mainly in front of the parliament and the ministry of labor. He predicted a 22 percent increase in protests in subsequent months.
In the past few months many Iranian media and politicians have warned that economic pressures may lead to social upheavals. Chief Justice Gholam-Hossein Mohseni Ejei said Monday, according to the IRGC-linked Javan newspaper, that people might lose trust in politics "if they see that social justice is diminishing."
Funeral of the Islamic Republic
Ahmad Naderi, a conservative member of parliament, on January 30 blamed the previous administration of President Hassan Rouhani administration for economic woes but also criticized Raisi’s draft budget bill. “We will reach a point where we will see great social upheavals if these approaches [in the economy] continue,” he said.
Hawks in the United States have for years argued that US ‘maximum pressure’ sanctions, which sent the Iranian economy from growth to deep recession in the two years after 2018, should be stepped up to foment social unrest.
The nature and motivation of the hackers Edalat-e Ali are unclear. The group appeared last August by circulating footage from security cameras in Tehran's Evin prison and recently hacked television coverage of the Iran-United Arab Emirates football match with a video showing Guy Fox masks from the 2005 US-British film V for Vendetta.
The group said they wanted to turn the ten-day celebration of the 1979 Revolution into "the funeral of the Islamic Republic.” Edalat-e Ali group's name evokes the first of the twelve Shiite Imams, Ali, but may also refer to Supreme Leader Ali Khamenei.
