An Iranian opposition outlet on Sunday named the Islamic Revolutionary Guard Corps commander and other officials allegedly behind several cyberattacks over the past year, including the recent hack on Albania that led Tirana to sever diplomatic ties with Tehran.
According to the Saudi-sponsored Iran International, the IRGC’s top cyber commander is Hamid Reza Lashgarian, an assistant professor at Imam Hossein University in Tehran.
Lashgarian was named in a Sky News report last July as head of Intelligence Group 13, a sub-group in an offensive cyber unit that tracked Western targets.
The report said Lashgarian, 61, was born in Tehran and identified the street where he lives. Lashgarian’s wife, Fatima Zahra Farrokh, was also named in the report, but no details were given on her alleged role in the hacking.
The other alleged senior Iranian hackers named in the report were brothers Mohammad Hossein Shirinkar and Mohammad Bagher Shirinkar, as well as their son-in-law Seyyed Mehdi Hashemi Toghroljerdi.
The latter two were sanctioned by the US last year for allegedly threatening American voters ahead of the 2020 presidential election.
ادامه حملات خرابکارانه جمهوری اسلامی در خاک اروپا، اینبار در قالب حمله سایبری به کشور آلبانی.
مجموعه اطلاعات اختصاصی که به دست اینترنشنال رسیده نشان میدهد گروههای سایبری سپاه پاسداران و وزارت اطلاعات چه هویتی دارند و چگونه عمل میکنند؟
گزارشی از مجتبا پورمحسن pic.twitter.com/0k5VCpQmbr
— ايران اينترنشنال (@IranIntl) September 11, 2022
Mohammad Bagher Shirinkar, who also goes by Mojtaba Tehran, was separately sanctioned in 2019 for providing “technical support” to the IRGC’s cyber unit.
Iran International did not specify the involvement of Shirinkar’s brother, but described him as a key figure in the group, while Toghroljerdi was said to be the head of an Iranian company alleged used to carry out cyberattacks.
The report came a day after NATO-member Albania accused Iran of launching a fresh cyberattack, following the major attack in July. Tehran has rejected the accusations and called Albania’s decision to cut relations and expel Iranian diplomats “an ill-considered and short-sighted action.”
A report by Microsoft last week said the targeting of Albania was likely “retaliation for cyberattacks Iran perceives were carried out by Israel and the Mujahedeen-e-Khalq (MEK),” an Iranian opposition group that regularly hosts summits in Tehran.
On Friday, the US announced sanctions on Iran’s Ministry of Intelligence and Security and its minister Esmail Khatib over Tehran’s alleged involvement in attacks against the US and its allies.
The Islamic Republic has also itself been targeted by cyberattacks, most notably in 2010 when the Stuxnet virus — believed to have been engineered by Israel and the US — infected its nuclear program.
Agencies contributed to this report.