Microsoft’s Digital Threat Analysis Center (DTAC) attributes a recent cyberattacks against the satirical French magazine Charlie Hebdo to an Iran-linked threat actor tracked as NEPTUNIUM (aka Emennet Pasargad, Holy Souls). The attack is a retaliation for the initiative of Charlie Hebdo of launching a cartoon contest to mock Iran’s ruling cleric.
In early January, the threat actor claimed to have hacked the database of the magazine and obtained the personal information of more than 200,000 customers. The group released a sample of the data as a proof of the hack, exposed data include the full names, telephone numbers, and home and email addresses of accounts that had subscribed to, or purchased merchandise from, Charlie Hebdo.
This data leak puts subscribers at risk of online or physical targeting by extremist organizations.
“One month before Holy Souls conducted its attack, the magazine announced it would be holding an international competition for cartoons “ridiculing” Iranian Supreme Leader Ali Khamenei.” reads the post published by Microsoft. “The issue featuring the winning cartoons was to be published in early January, timed to coincide with the eighth anniversary of an attack by two al-Qa’ida in the Arabian Peninsula (AQAP)-inspired assailants on the magazine’s offices.”
The Holy Souls group advertised the huge trove of data for sale for 20 BTC (equal to roughly $340,000 at the time).