On November 1, 2024, The Hacker News reported that Iranian cyber operatives targeted the 2024 Olympics and Israeli interests using sophisticated AI tools and shell companies, according to U.S. and Israeli intelligence. The article begins:
U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer Olympics and compromising a French commercial dynamic display provider to show messages denouncing Israel’s participation in the sporting event. The activity has been pinned on an entity that’s known as Emennet Pasargad. which the agencies said has been operating under the cover name Aria Sepehr Ayandehsazan (ASA) since mid-2024. It’s tracked by the broader cybersecurity community as Cotton Sandstorm, Haywire Kitten, and Marnanbridge. “The group exhibited new tradecraft in its efforts to conduct cyber-enabled information operations into mid-2024 using a myriad of cover personas, including multiple cyber operations that occurred during and targeting the 2024 Summer Olympics – including the compromise of a French commercial dynamic display provider,” according to the advisory. ASA, the U.S. Federal Bureau of Investigation (FBI), Department of Treasury, and Israel National Cyber Directorate said, also stole content from IP cameras and used artificial intelligence (AI) software such as Remini AI Photo Enhancer, Voicemod, and Murf AI for voice modulation, and Appy Pie for image generation for spreading propaganda.
Key Points:
- Iranian group used AI tools like Remini and Murf AI to generate fake content, while creating fake hosting companies to hide operations.
- Hackers targeted Olympics displays, Israeli hostage families, and gathered intelligence on Israeli military personnel through public databases.
- Group operated under multiple aliases and used fictitious hosting providers to manage infrastructure and host Hamas-affiliated websites.
- U.S. offers $10 million reward for information about Iranian hackers targeting critical infrastructure through “Shahid Hemmat” group.