Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

U.S. Seizes More Domains Used by Iran for Disinformation

The United States this week announced that it seized 27 domain names that were employed by Iran’s Islamic Revolutionary Guard Corps (IRGC) to spread disinformation.

All of the domains, seizure documents reveal, were violating U.S. sanctions against the government of Iran and the IRGC. Twenty-three of the domains were targeting audiences abroad.

The United States this week announced that it seized 27 domain names that were employed by Iran’s Islamic Revolutionary Guard Corps (IRGC) to spread disinformation.

All of the domains, seizure documents reveal, were violating U.S. sanctions against the government of Iran and the IRGC. Twenty-three of the domains were targeting audiences abroad.

The other four, the U.S. Department of Justice reveals, were posing as news outlets, but were in fact controlled by the IRGC to target audiences in the United States. The purpose of these domains was to covertly influence U.S. policy and public opinion, thus violating the Foreign Agents Registration Act (FARA).

The seizure was performed following similar action in early October, when a total of 92 domain names leveraged by the IRGC for disinformation were seized.

Details on how these domains were being used in violation of federal law were included in the seizure warrant issued on November 3, 2020.

The fact that the IRGC controlled these domains was in violation of the International Emergency and Economic Powers Act (IEEPA) and the Iranian Transactions and Sanctions Regulations (ITSR), which require that U.S. persons obtain a license for providing services to the government of Iran.

IRGC is also believed to have provided material support to terrorist groups such as Hizballah, Hamas, and the Taliban, which resulted in IRGC being added to the Department of the Treasury’s Office of Foreign Assets Control’s (OFAC) list of Specially Designated Nationals.

Advertisement. Scroll to continue reading.

The seized domains were registered with U.S.-based domain registrars and also employed top-level domains that are owned by U.S.-based registries, but no license was obtained from OFAC for them.

Domain names “rpfront.com,” “ahtribune.com,” “awdnews.com” and “criticalstudies.org” were also seized pursuant to FARA, which seeks to keep both the U.S. government and U.S. citizens informed on the “the source of information and the identity of persons attempting to influence U.S. public opinion, policy, and law.”

Although these domains targeted an audience in the U.S., they failed to obtain proper registration pursuant to FARA and did not notify the public who is behind the content on these domains.

Related: U.S. Seizes Domain Names Used by Iran for Disinformation

Related: Smoke and Mirrors – Hack-for-Hire Group Builds Fake Online Empire

Related: Twitter Removes Iran-Linked Accounts Aimed at Disrupting U.S. Presidential Debate

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Staying the course and sticking to strategic goals allows security professionals to steadily and continually improve the security posture of their organization without allowing distractions to divert precious resources away from more important tasks.

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.