Iran International
The latest Microsoft Threat Analysis Center (MTAC) research related to the US elections released Wednesday says Iran is gearing up for additional influence operations.
“Iranian groups tasked with targeting the US elections may make an effort—as they have in the past—to run influence operations both shortly before and soon after the election by leveraging cyber intrusions from weeks to months prior,” the report said.
On October 14, the report showed that the MTAC’s findings uncovered an online persona operated by Iran began falsely posing as an American. The online persona had called on Americans to boycott the elections due to both candidates’ support for Israel’s military operations.
A spokesperson for Iran's mission to the United Nations strongly rejected Iran's interference with the US presidential elections Wednesday. "Such allegations are fundamentally unfounded and wholly inadmissible," the spokesperson said.
The spokesperson added that "Iran neither has any motive nor intent to interfere in the US election" and contended that the allegations brought against Iran would only cause the US government to be discredited.
Two weeks ahead of the 2020 US elections, an Iranian hacker group called Cotton Sandstorm, also known as Emennet Pasargad, launched its first cyber-enabled influence operations, the Microsoft report said. It performed reconnaissance and limited probing of election-related websites in some swing states in April and reconnaissance of major US media outlets in May.
Cotton Sandstorm is directed by Iran’s Revolutionary Guards (IRGC), the Microsoft report said, adding that the MTAC has yet not observed activity suggesting that the group has launched influence operations targeting the upcoming elections but expects it to increase its activity closer to the elections.
According to the report, the group ran an email campaign in 2020 posing as the right-wing “Proud Boys”, threatening Florida residents to “vote for Trump or else!”.
This, the report said, was followed by a separate operation following the election which called for violence against election officials who claimed the elections were secure or denied claims of widespread fraud.
Senior US officials told Reuters in 2020 that the hacker group’s email campaign did not affect individual voting systems but aimed to create chaos, confusion, and doubt.
US officials also told Reuters that a mistake the hackers made in a video that they attached to some of the emails helped government analysts and private sector investigators to quickly attribute the cyber operations to Iranian hackers.
Microsoft detected Cotton Sandstorm running its last operation targeting Israel’s participation in the Paris Olympics in late July 2024, the MTAC report said.
Naser Naqavian, once a prominent figure on state TV, has been barred from both speaking on air and teaching at universities. He has spoken about the declining role and status of Muslim clerics in Iranian society, despite the country being officially governed by Shiite clergy.
In an extensive interview with the Khabar Online website, Naser Naqavian said that clerics were increasingly isolated from Iranian society. He remarked that some clerics are so affluent that many people believe their pockets are directly connected to the country’s oil pipelines.
Speaking about his own financial situation, Naqavian said that he had to move from the affluent Pasdaran Avenue in northern Tehran to Fardis, a district outside the industrial town of Karaj some 50 kilometers West of Tehran.
He noted that clerics who became government officials have lost their standing with the broader population, as they no longer speak for the people. He pointed to their hardline stance on enforcing compulsory hijab as a key issue, likening their position to that of the Taliban, which has further alienated them from mainstream Iranian society.
Naqavian stressed, however, that he is not a "counter-revolutionary" or a member of the opposition. "I simply oppose the policies I believe are wrong and want those policies to be corrected."
The growing divide between the Iranian public and the ruling clerics has been acknowledged by the country’s seminaries as far back as 2017. A major media outlet from the Qom Seminary, Mobahesat (Discussions), explored this issue and its underlying causes. Studies published by Mobahesat revealed that clerics' popularity has been in decline since the 1979 Islamic Revolution.
Several debates involving prominent Muslim scholars were sparked by the publication, during which high-ranking seminarians concluded that the public’s increasingly negative view of the clergy stems largely from the behavior of clerics who serve as state officials.
In 2023, following a series of physical attacks on clerics in the wake of the 2022 nationwide protests, Ayatollah Mohammad Javad Alavi Boroujerdi argued that these assaults were a direct result of the widening divide between the public and the clerical establishment. He urged officials to avoid further alienating the people by making hardline statements that fuel public resentment.
However, to shield himself from potential government reprisals, Boroujerdi also attributed the growing hostility toward clerics to foreign media "fanning the flames" of discontent.
In contrast, female religious scholar Sedigheh Vasmaghi, a vocal critic of the regime’s compulsory hijab policy, argued that it was already too late to bridge the gap between clerics and the people. She asserted that the clerics’ fundamentalist views had fostered insecurity in Iranian society, adding that they should have anticipated the consequences of their hardline stances and behavior.
In his interview, Naqavian noted that the government labels reformist clerics as counter-revolutionaries. He also revealed that, due to the public's increasingly negative perception of clerics, he often refrains from wearing his traditional clerical robe and turban when going about his daily life.
When asked about the difference in how people react to him in clerical versus non-clerical attire, Naqavian explained, "For those who know me, their reaction doesn’t change regardless of what I wear. But for others, it’s different. When they see me in my clerical robe and turban, they treat me the same way they treat other clerics."
During and for some time after the 2022 protest in Iran "turban tossing" or "turban flipping" was popular among young protesters. Young disgruntled people used to take the turban off the clerics' head and toss it in the street. Compared to violent attacks on clerics at that time, turban tossing was a light-hearted reaction.
Year after year, the sale of bootleg alcohol in Iran has remained a persistent crisis, with at least thousands of Iranians falling victim to poisonings.
According to Iranian medical authorities, 768 people were poisoned by methanol-laced alcohol in just one month in 2018, resulting in 96 deaths across eight of Iran’s 31 provinces.
More recently, in the first 10 days of October, 343 people were poisoned, with 41 deaths reported in the provinces of Mazandaran, Gilan, Hamedan, and Kurdistan.
Alcohol has been banned in Iran since the 1979 Islamic Revolution, with consumption, production, or sale of alcoholic beverages punishable by imprisonment, flogging, or fines. Repeat offenders can even face the death penalty. Despite this, alcohol consumption continues, with both imported and homemade drinks readily available on the black market.
This week, the state's judiciary oversaw the execution of four people, over the purported sale of alcoholic beverages laced with methanol.
Iranian authorities have labeled this incident -- and previous ones -- as a profit-driven criminal operation. The judiciary echoed that characterization, saying that the individuals executed on Wednesday intentionally sold methanol-laced alcohol for financial gain.
The judiciary-controlled Mizan outlet reported that the individuals involved "purchased methanol at one-eighth of the market price of ethanol and sold it at approximately one-third of the market rate."
That narrative was repeated by the hardline newspaper Iran, which quoted a clinical toxicology expert as saying, "No seller or ‘dealer’ deliberately endangers their customers, but when profits and higher income are at stake, such incidents become unavoidable."
However, some experts question whether this is merely a matter of greed or if more complex motives are at play.
According to Dr. Maziar Ashrafian Bonab, a PhD graduate from Cambridge University, the nature of these poisoning cases defies the notion of a random or accidental occurrence. Speaking in an interview with Iran International, he said:
"We expect to see a uniform spread of deaths across the country due to the occasional use of counterfeit alcohol. But the data reveals concentrated spikes in specific provinces at certain times, which suggests a more organized and deliberate effort rather than random errors."
Dr. Bonab, a former Director General of the Forensic Medicine Center of Iran’s Hormozgan Province, said that while small-scale producers might inadvertently mix methanol into their products, the scale and coordination of these poisoning incidents point to larger networks with access to industrial alcohol or methanol. He further argued that it's unlikely that those selling counterfeit alcohol would intentionally poison their customers:
"If anything, poisoning your customers would harm your business in the long run. This doesn’t seem like a profit-driven mistake but rather a more sinister act."
When asked who might be behind these incidents, Dr. Bonab hypothesized that some organizations involved in methanol production could be connected to powerful state institutions:
"There is reason to believe that those responsible have access to large quantities of industrial methanol, which isn’t easily available to small producers. Some of these operations could involve pharmaceutical companies or other institutions with government links. I have even heard rumors that certain networks, possibly tied to powerful entities, may be behind these poisonings, operating with a level of impunity."
The former aide to Iran's Health Ministry also highlighted the involvement of "fire-at-will" groups—radical elements that act independently or with implicit approval from factions within the government:
"Some of these groups believe it’s their duty to impose their ideological beliefs on society, even if it means using lethal force. They see alcohol consumption as a vice and might be deliberately targeting consumers."
The so-called moderate outlet Etemad similarly highlighted these suspicions in a recent report, featuring addiction specialists and alcohol distributors who questioned the scale and coordination of the methanol poisonings.
An anonymous addiction specialist from Gilan Province suggested the incidents indicate more than just a technical error:
"When poisonings occur simultaneously in four provinces, it becomes clear this goes beyond production issues. Even if deliberate poisoning is assumed, it’s unlikely that four different producers in separate provinces would simultaneously produce tainted alcohol. This raises concerns that something more organized is at play."
Likewise, Ali Salarian, an addiction specialist from Mazandaran Province and a member of the National Medical Council, echoed these concerns, stressing that the scope and frequency suggest something far more deliberate than a mere production error:
"Food and drink poisonings, whether legal or illegal, are usually due to isolated technical errors. But given the scale and impact of these cases, it’s clear this is not accidental. Malicious intent seems likely."
Etemad also spoke to an anonymous producer of alcoholic beverages to address the theory of rivalry-driven revenge between sellers.
The source dismissed this notion, saying, "This isn’t the work of a typical vendor. A vendor is someone who has been producing and selling for years, building a reputation for their product. They know they’re operating outside the law, as alcohol production and sales are illegal in Iran, but they’re not murderers".
"While there are dangerous criminals in the alcohol trade, none would kill their customers to outcompete others. Their livelihoods depend on keeping their customers, not eliminating them," he added.
Etemad also pointed to a past pattern, stating, "Years ago, similar incidents occurred in some provinces, where a specific group deliberately inflicted severe, irreversible physical harm on certain citizens, but the identity of these individuals was never revealed to the public."
While Etemad doesn’t specify which incidents they are referring to, it appeared to draw parallels to the school poisonings during the 2022 nationwide protests against the state -- dubbed the Woman, Life, Freedom movement.
These poisonings, which primarily affected girls' schools across Iran, began during the protests and continued until April 2023. Schoolgirls experienced symptoms like shortness of breath and lethargy.
Initially dismissed by authorities as "children's pranks" or attributed to faulty heating, the government later admitted that at least 1,200 students had been affected by mysterious fumes.
At the time, suspicions pointed toward hardliners or religious extremists, possibly punishing girls for speaking out during the protests. Other activists described the poisonings as "state terrorism" and "gender-based" -- pointing the finger at state authorities citing the organized scale of the attacks.
Speaking on the sidelines of a cabinet meeting, Eslami said: “If the enemy makes even the slightest attack on our [nuclear] facilities, we will deliver a crushing response."
He told the cabinet that "our defense and security capabilities have always been prepared to confront such threats with vigilance".
Since at least 2010, Israel has allegedly conducted dozens of attacks inside Iran, targeting sensitive nuclear and military installations and carrying out assassinations of individuals deemed a threat.
The attacks became more frequent after July 2020, when a massive explosion occurred at the Natanz uranium enrichment site in central Iran, destroying one of the buildings.
In November that year, Mohsen Fakhrizadeh, a key figure in Iran’s nuclear program, was assassinated in a roadside attack near Tehran. Western and Israeli intelligence had long suspected Fakhrizadeh of being the architect of Iran’s covert nuclear weapons program.
Iran has long said its nuclear program is peaceful. The UN's nuclear chief, Rafael Grossi, said this year that Iran is "weeks not months" away from a nuclear weapon while a third of the UN's inspectors have been barred.
Eslami's latest warning comes as Israel prepares its retaliatory attack after the Islamic Republic launched 181 ballistic missiles towards Israel earlier this month.
The latest bombardment on Israel, the second this year, saw Iran target the likes of intelligence and military sites, with damage caused to civilian areas including a school.
On Wednesday, Israeli Defense Minister Yoav Gallant told Air Force crews at Hatzerim Air Base the counterattack would levy "a heavy price".
"After we attack Iran, everyone will understand your might," he said, in a video shared on X.
US President Joe Biden made clear that while he supports a retaliation, he will not support an attack on Iran's nuclear facilities.
Israel's Prime Minister, Benjamin Netanyahu, and the country's military leadership, have since remained tight-lipped on the nature and timing of the retaliation.
The head of Iran's Passive Defense Organization, Gholamreza Jalali, lauded the escalating conflict between the Islamic Republic and its archenemy, Israel.
“This year, we are in a situation where the axis of resistance is engaging with the Zionist regime and its allies," he said. In the wake of the Gaza war, Israel is fighting threats from Iran's proxies around the region across its borders.
Additionally, Israel says it foiled five Iran-backed plots this month, with spy cells allegedly attempting high level assassinations on political, military and nuclear figures.
In a statement reported by the IRGC-affiliated news outlet Fars, he said that eight new defense plans have been devised and endorsed by Iran’s Supreme National Security Council.
Jalali also discussed efforts to bolster Iran’s infrastructure against potential cyber-attacks and sabotage.
Referring to recent incidents including the explosions of Hezbollah pagers which saw at least 1,500 operatives in Iran's largest militia taken out of action, he noted that the Passive Defense Organization had taken steps to prevent similar attacks in Iran.
“Since last year, we have been insisting on the use of artificial intelligence to prevent such incidents within the country,” Jalali stated as the importance of defense against cyber attacks grows.
However, Iran remains vulnerable to hacking and cyber-attacks. In September, Iran's Cybersecurity Strategic Management Center issued a red alert for financial, monetary, and communication sectors, and an orange alert for other sectors.
"Organizations are advised to maintain round-the-clock availability of technical teams and rapid response units due to the potential for cyber attacks," a statement said.
