In This Article:
(Bloomberg) -- The U.S. Justice Department seized 92 websites it said were used by Iran’s Islamic Revolutionary Guard Corps to spread disinformation.
Four of the web domains -- Newsstand7.com, usjournal.net, usjournal.us and twtoday.net -- were disguised as genuine news outlets based in the U.S., which the Justice Department determined were controlled by the Iranian guard. The sites appeared to target Americans with Iranian propaganda about U.S. domestic and foreign policy, according to documents released Wednesday.
“Iran cannot be allowed to hide behind fake news sites,” said David Anderson, U.S. attorney for Northern California. “If Iran wants to be heard using U.S. facilities, it must reveal its true colors.”
The other 88 domains targeted audiences in Europe, the Middle East and Southeast Asia, while similarly claiming to be genuine local news sites that were actually being operated to “spread pro-Iranian disinformation,” according to a statement from the DOJ.
Google, Facebook Inc. and Twitter Inc. helped with the investigation by the FBI. The seized domains were also identified by threat researchers at FireEye Inc.’s Mandiant unit in 2018. At the time, the Iranian guard’s operations were peddling anti-Saudi, anti-Israeli and pro-Palestinian themes, while also promoting specific U.S. policies deemed be favorable to Iran, including the U.S.-Iran nuclear deal, according to Mandiant.
Read more: Disinformation Actors Gear Up for U.S. Elections
In 2018, Mandiant noted that the disinformation campaign did not appear to target the U.S. midterm elections that year. But at least one account changed its Twitter name from ‘@libertyfrontpr’ to @Berniecats’ to align its messaging with that of U.S. Senator and former presidential candidate Bernie Sanders.
“Iran has become a prolific actor in the information operations space,” said John Hultquist, senior director of analysis at Mandiant Threat Intelligence. “Similar to their cyber-attack capability, they have evolved over a series of brash operations.”
Read more: Social Media Braces for a Deluge of Voter Misinformation
All the domains were owned and operated by companies in the U.S. The seizure occurred under the International Emergency Economic Powers Act, which gives the U.S. president broad authority to regulate financial transactions in a national emergency. This was the same tool President Jimmy Carter used in 1979 to freeze Iran’s financial assets in the U.S. during the hostage crisis.
The IRGC’s use of these domains violated the Foreign Agents Registration Act which requires foreign operatives in the U.S. to openly declare their status so the U.S. government and its residents are aware of the source of information and the identity of those “attempting to influence U.S. public opinion, policy and law,” the Justice Department said. The domains targeting Americans were never registered under FARA, it added.