The Atomic Energy Organization of Iran (AEOI) reported that the mail servers of one of its subsidiaries were hacked. Previously, the hacker group Black Reward published data stolen from the organization online, saying that in total they stole more than 100,000 messages and 50 GB of information.
Let me remind you that we also reported that Microsoft experts talked about Iranian hackers that attack on security conference participants.
The AEOI says that an unauthorized foreign party from an unnamed country stole emails from a hacked server, which mainly contained daily correspondence of employees and technical notes. The organization writes that it immediately took all necessary preventive measures and notified the relevant authorities and officials about the incident so that they would be ready for possible attack attempts.
Representatives of the AEOI report that the sole purpose of this hack was to attract attention and defame the image of the organization in the media.
The hacker group Black Reward, which calls itself Iranian but supposedly opposes the country’s current government, claimed responsibility for the attack.
At the end of last week, the group issued a statement on its Telegram channel saying that it had succeeded in hacking the AEOI and extracting data from 324 mailboxes of the organization, which contained more than 100,000 messages and 50 GB of information in total.
The Black Reward group initially warned that it would release the findings within 24 hours if the Iranian government did not release all political prisoners and detained protesters.
In addition, the hackers called on experts in relevant industries and the media to publish reports on the investigation of these documents.
After the Iranian authorities failed to comply with the requirements of the hackers, Black Reward published part of the stolen data in the same Telegram channel. The hackers have released several RAR archives totaling 27 GB containing 85,000 emails, and the attackers claim they are “ideal for researchers.”
Hackers write that they carefully studied all the data before publication, removing all marketing messages and spam from the dump, leaving only valuable content. Apparently, this leak does indeed contain passports and visas of Iranians and Russians working with the AEOI, reports on the condition and performance of equipment, plans for the construction of a nuclear power plant, contracts, technical reports and other documentation. Perhaps these stolen data can shed light on Iran’s attempts to build nuclear weapons.
At the end of their message, the hackers mention the 22-year-old Iranian Mahsa Amini, who was detained by the local morality police because of the wrong hijab at the end of September and soon died in the detention center. Authorities then released a statement alleging that Amini suddenly collapsed from a heart attack in the detention center and was taken to the hospital, where she fell into a coma and eventually died.
After Amini’s death, information spread on social networks that the girl was allegedly tortured by the vice police, and a wave of anti-government protests, of which Amini became a symbol, swept the country. The message of the hackers also ends with the words: “for women, life, freedom.”