In a significant security breach, the official website of the Iranian regime’s presidency was taken over by Iranian dissidents and replaced with images of the Iranian Resistance leadership and slogans calling for the regime’s overthrow. The breach has exposed the vulnerabilities within the Iranian regime’s cybersecurity infrastructure, highlighting the growing challenges faced by the regime in maintaining control over its digital assets.
Reports emerged on May 29 revealing that the Iranian presidency’s website and internal servers had been targeted by a group of Iranian dissidents, self-described as “GhyamSarnegouni” (meaning “Rise to Overthrow” in Farsi).
The dissidents have taken down these heavily protected websites, replacing images of Iranian regime Supreme Leader Ali Khamenei and President Ebrahim Raisi with those of Massoud Rajavi, the Leader Iranian Resistance, and Maryam Rajavi, the President-elect of the Iranian opposition coalition National Council of Resistance of Iran (NCRI). Other websites showed images of Khamenei and Raisi crossed out.
The breach of the Iranian presidency’s website and servers shows a significant blow to the regime’s network security infrastructure and its ability to safeguard its official online platforms. It exposes the vulnerabilities within the government’s digital systems, raising questions about the regime’s capacity to counter network threats.
The incident also serves as a reminder of the growing influence of dissident groups, such as the People’s Mojahedin Organization of Iran (PMOI/MEK), and their efforts to challenge the Iranian government’s authority. By successfully disrupting a high-security server belonging to the presidency, the “GhyamSarnegouni” dissidents have demonstrated their ability to carry out sophisticated operations, undermining the regime’s control over its networks.
The takeover of the Iranian presidency’s website and servers not only poses a direct challenge to the regime’s authority but also highlights the potential for further such attacks targeting critical government institutions.
Previously the “GhyamSarnegouni” collective seized control of 210 websites, software applications, servers, data banks, and other aspects of the regime’s Ministry of Foreign Affairs (MFA) on Sunday, May 7.
The latest incident is expected to intensify the regime’s efforts to enhance its network security infrastructure and defend against future attacks. It may prompt the Iranian government to reevaluate its digital security strategies, including strengthening defenses, improving threat intelligence capabilities, and
The taking over of the Iranian presidency’s website and servers has attracted attention globally, with numerous media outlets reporting on the incident. International observers have highlighted the audacity of the attack.
The breach also has implications for regional dynamics, as it comes at a time of heightened tensions in the Middle East. It adds another layer of complexity to the already strained relationship between Tehran and various regional and international actors, potentially fueling further mistrust and animosity.
The incident underscores the growing challenges faced by the Iranian government in maintaining control over its digital assets and protecting sensitive information.
The “GhyamSarnegouni” dissident group has provided extensive details about today’s disruption and defacing of Iranian presidency-linked websites. These include access to top secret documents and defacing, such as:
- Images of Iranian Resistance leadership and anti-regime slogans were sent to reporters and media outlets from the main email account of the regime’s presidency
- The group gained control over 120 servers of the presidency’s internal network, central databases
- The group obtained control over the government’s server management network and server controllers
- The group obtained control over the presidency’s network of technical administrators
- The group obtained control over the “Users Internal Network” and access to more than 1,300 computers of the presidency’s internal network
- The group obtained security footage of the presidency’s communication network hardware
- The group obtained access to systems of the classified internal communications associated to the presidency and the government
- The group extracted and decrypted classified and encrypted messages related to recent years
- The group obtained access to tens of thousands of classified, top secret, and secret documents associated to the presidency, including the appointment of Ali Akbar Ahmadian as the new Secretary of the regime’s Supreme National Security Council
- The group obtained access to the presidency’s websites and dozens of internal applications
- The group obtained access to other classified documents, such as the building design of Raisi’s office and sleeping quarters, the fiber-optic cable network linking the presidency and Khamenei’s headquarters, the government cabinet, the judiciary, Interior Ministry, Intelligence Ministry, Foreign Ministry, the IRGC paramilitary Basij Force, the Majlis (parliament), state TV and radio apparatus, Tehran’s airports, and other entities of the mullahs’ regime
- The group obtained 19 pages of the technical infrastructure of the presidency’s computer network, the fiber-optic network map, and the buildings’ patch panel; 21 pages of the presidency’s technical network, including IP addresses, 104 pages of telephone numbers, internal phone systems, and the direct lines connecting all rooms of the presidency building
- The group obtained classified documents of Raisi’s planned trips abroad for 2023 to Iraq, Syria, Pakistan, Indonesia, Kyrgyzstan, Oman, Uganda, Zimbabwe, Kenya, Venezuela, Cuba, Nicaragua, Uzbekistan, South African, India, the Shanghai summit, the Caspian Sea summit, Tajikistan, Kazakhstan, UN General Assembly in New York, Uzbekistan, and Gambia
- The group obtained the names of the 25-member security team of Iranian regime First Vice President Mohammad Mokhber
- Top secret letters from the IRGC command in Tehran involving at least five meetings of the Joint Security-Intel Committee presiding over the crackdown of the country’s universities.
