A hacktivists group that calls itself “Black Reward” claimed the responsibility for the breach of the internal email system of Iran’s Nuclear Power Production and Development Company and announced it was releasing images of Iran’s nuclear facilities and at least 50GB of data from Iran's atomic energy organization (AEOI).
The group declared support for ongoing protests in Iran sparked by the death of 22-year-old Mahsa Amini in the custody of Iran’s morality police on September 16 after her arrest for allegedly violating the country's strict dress code for women.
The released information reportedly includes internal emails, contracts and construction plans related to “management and operational schedules of different parts of the Bushehr power plant,” and “atomic development contracts and agreements with domestic and foreign partners.”
The nuclear agency has acknowledged the hack, but downplayed the incident saying that “these illegal efforts out of desperation are aimed at attracting public attention.” The AEOI did not specify which foreign country it believes to be behind the attack.
In related news, the US Federal Bureau of Investigation (FBI) released a security alert last week warning of hack-and-leak operations targeting organizations in the US and Israel by an Iran-based group called “Emennet Pasargad.” Since at least 2020, Emennet has been targeting entities primarily in Israel with cyber-enabled information operations that included an initial intrusion, theft and subsequent leak of data, followed by amplification through social media and online forums, and in some cases the deployment of destructive encryption malware.
In addition, the US cybersecurity and intelligence agencies published a joint advisory detailing cyber activities of a cybercrime gang known as the Daixin Team that is actively targeting US businesses, mainly in the healthcare sector, with ransomware and data extortion operations.