Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

U.S. Seizes More Domains Used by Iran for Disinformation

The United States this week announced that it seized 27 domain names that were employed by Iran’s Islamic Revolutionary Guard Corps (IRGC) to spread disinformation.

All of the domains, seizure documents reveal, were violating U.S. sanctions against the government of Iran and the IRGC. Twenty-three of the domains were targeting audiences abroad.

The United States this week announced that it seized 27 domain names that were employed by Iran’s Islamic Revolutionary Guard Corps (IRGC) to spread disinformation.

All of the domains, seizure documents reveal, were violating U.S. sanctions against the government of Iran and the IRGC. Twenty-three of the domains were targeting audiences abroad.

The other four, the U.S. Department of Justice reveals, were posing as news outlets, but were in fact controlled by the IRGC to target audiences in the United States. The purpose of these domains was to covertly influence U.S. policy and public opinion, thus violating the Foreign Agents Registration Act (FARA).

The seizure was performed following similar action in early October, when a total of 92 domain names leveraged by the IRGC for disinformation were seized.

Details on how these domains were being used in violation of federal law were included in the seizure warrant issued on November 3, 2020.

The fact that the IRGC controlled these domains was in violation of the International Emergency and Economic Powers Act (IEEPA) and the Iranian Transactions and Sanctions Regulations (ITSR), which require that U.S. persons obtain a license for providing services to the government of Iran.

IRGC is also believed to have provided material support to terrorist groups such as Hizballah, Hamas, and the Taliban, which resulted in IRGC being added to the Department of the Treasury’s Office of Foreign Assets Control’s (OFAC) list of Specially Designated Nationals.

The seized domains were registered with U.S.-based domain registrars and also employed top-level domains that are owned by U.S.-based registries, but no license was obtained from OFAC for them.

Advertisement. Scroll to continue reading.

Domain names “rpfront.com,” “ahtribune.com,” “awdnews.com” and “criticalstudies.org” were also seized pursuant to FARA, which seeks to keep both the U.S. government and U.S. citizens informed on the “the source of information and the identity of persons attempting to influence U.S. public opinion, policy, and law.”

Although these domains targeted an audience in the U.S., they failed to obtain proper registration pursuant to FARA and did not notify the public who is behind the content on these domains.

Related: U.S. Seizes Domain Names Used by Iran for Disinformation

Related: Smoke and Mirrors – Hack-for-Hire Group Builds Fake Online Empire

Related: Twitter Removes Iran-Linked Accounts Aimed at Disrupting U.S. Presidential Debate

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

DARPA veteran Dan Kaufman has joined Badge as SVP, AI and Cybersecurity.

Kelly Shortridge has been promoted to VP of Security Products at Fastly.

After the passing of Amit Yoran, Tenable has appointed Steve Vintz and Mark Thurmond as co-CEOs.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.