Hackers Launch Campaign of Intimidation against Iranian Expat Writer
Media // United States
The opinionated Iranian author Roya Hakakian, who has spent 30 years living in the United States, was subjected to cyber espionage starting last February.
“The common bond among all Hakakian’s outspoken work for the past decade is that she wrote it in English,” the Daily Beast reports. Once Hakakian’s work was published in Farsi, “she seems to have tripped a wire that alerted the Iranian cyber hounds.”
On February 22, she began receiving malicious emails that purported to be Google security alerts.
After receiving a few more dubious Google alerts, including one that said someone in “The Iran” had tried to log into her account, Hakakian noticed that the order of mail folders she’d set up to organize her messages was changing. It looked like someone had been poking around in them but hadn’t put them back in their proper place.
The director of technology for the Wilson Center in Washington, DC, where she is a fellow, downloaded a program to scan for implanted malicious software—it found three kinds.
Hakakian eventually detected Internet addresses accessing her account from four countries—Iran, China, Russia, and Indonesia.
“Whoever was tracking Hakakian probably wasn’t interested in what she was planning for dinner that night, but which other Iranian dissidents and headaches of the regime she knew, at least well enough to have them in her email contacts,” according to the Daily Beast.
In early March, someone broke into her Facebook account and sent messages supposedly from Hakakian to many of her friends. The messages said she was sorry to have been out of touch, but that she’d been taking care of her father. They beckoned her friends to open an attached document, where they would find a lengthier explanation of all that she’d been going through.
The document probably contained malicious software code that would have implanted a virus or spyware on the recipient’s computer.
Hakakian also received strange emails reminding her to check in for a conference on the subject of Iran, to be held at a university in Israel. She’d never heard of the conference, and when she wrote back asking what it was about, she did get a reply—but on her iPhone, via text message.
“That may have been the first sign that something even more serious than a Gmail or Facebook hack was happening. Whomever was targeting Hakakian appeared to know her phone number, as well. She thinks that the intruders may have actually hacked the phone and used that to gather contact information about people close to her,” the Daily Beast reports.
Phone hacking usually is spades more difficult than hacking PCs or laptops. This is because hacking tools for smartphones generally are harder to find on the black market than kits for hacking operating systems in personal computers.
“If someone did hack Hakakian’s iPhone, he may have had to pay a lot for the information, if he didn’t find the vulnerability himself. That would suggest the hacker may have been working for a nation state with deep pockets or a lot of cyber hacking expertise,” according to the Daily Beast.
No evidence was found that the phone had been compromised. But she took it to an Apple store to have technicians there rebuild it. Once the phone was effectively wiped clean, the problems stopped.
Hakakian suspects that by targeting her, the hackers wanted to be discovered and to send a message: other exiled writers and activists dare not publish their works in Farsi.
“I think this wasn’t about espionage,” she said. “I think they really want to say to someone like me, that even though we speak Persian, you’re not one of us. Don’t come back.”