Hackers steal 50GB data, thousands of emails from Iranian nuclear facilities

But Iran plays down significance of hack

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The Iranian Atomic Energy Agency has suffered a data breach that reportedly saw thousands of emails leaked - however both the agency, and the group apparently behind the attack, have their own versions of events.

Reports say the attackers breached an email server belonging to one of the agency’s subsidiaries, accessed 324 inboxes, and stole more than 100,000 emails amounting to some 50GB of data.

Now, according to a press release from the agency itself (roughly translated from Farsi), the threat actor is a foreign player, who stole and leaked the data from itsendpointsin desperation and “to attract public attention”. Other than that, the breach holds no value.

Supporting the Mahsa Amini protests

On the other hand, the group behind the attack reached out to the world via Telegram from a domestic hacking group called Black Reward, which says it carried out the assault as an act of support for protesters in Iran.

For more than month now, protests have been raging in Iran, following the death of Mahsa Amini – a young woman who died after being arrested for not adhering to the country’s strict dress code. Allegedly, the group threatened to leak the data online, unless the country’s authorities released political prisoners, and other people arrested during the protests.

State-backed Iranian hackers spread malware through links to fake VPN apps>Iranian hackers blamed for Fortinet and Microsoft Exchange hacks>These are the best ransomware protection services around

Unlike the agency, which claims the data doesn’t hold any real value, and contains mostly “technical messages and routine and current everyday exchanges,” the group says the data includes “management and operational schedules of different parts of Bushehr power plant”, passports and visas of Iranian and Russian specialists working there, and “atomic development contracts and agreements with domestic and foreign partners,”The Registerfound.

To prove its point, the group started distributing the sensitive data, but recommended interested parties to access it only via a virtual machine, as the agency’s emails are marred with viruses and other malware.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Via:The Register

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

Quordle today – hints and answers for Saturday, November 9 (game #1020)