A threat actor has allegedly leaked a critical database belonging to a state surveillance program of the Islamic Republic of Iran. The perpetrator claims the data originates from infrastructure belonging to the Islamic Revolutionary Guard Corps (IRGC), a powerful branch of the Iranian Armed Forces. The surveillance program appears to focus on monitoring the activities of Iranian citizens on the social media platform X (formerly Twitter), targeting specific groups including political and social activists, LGBT individuals, and various minority communities.
The leaked dataset allegedly contains detailed tracking information, providing insights into the online behaviors and social connections of monitored individuals. A notable aspect of the leak is the inclusion of labels and categorizations generated by machine learning models, which automatically classify users and their content based on sentiment, emotion, and topic. This suggests a sophisticated and automated system for identifying and prioritizing surveillance targets. The threat actor claims the infrastructure was verified as belonging to the IRGC by a third-party cyber operative.
The data leak allegedly exposes sensitive information and the inner workings of the state’s monitoring apparatus. According to the sample data provided, the system analyzes and logs user posts and interactions. The information allegedly leaked includes:
- User account details and activity metrics
- Social connections and interactions
- Sensitive personal information
- Machine learning-based sentiment analysis (e.g., ‘Against’ the state)
- Emotion analysis of user content (e.g., ‘ANGRY’, ‘SAD’)
- Topic categorization (e.g., ‘political’, ‘economical’)