Fake people with Facebook accounts are friending each other, and friending other people their creators have heard of. It’s a phenomenon as old as social media itself, but it’s only once there is a link to an Iranian-registered website that people started wondering if this was a problem.
Which brings us to the story of “Newsonair.org,” one of countless samey-looking news websites that copy-paste a handful of Reuters stories a few days a week. Unlike most such sites, NOA has become a big deal today, fueling wild speculation of Iranian “hackers.”
And they’re using the term hacker extremely loosely, as it isn’t clear what, if anything, the site has ever managed to accomplish apart from getting its phony Facebook personae friended by some people and listed on Linkedin.
Indeed, materially the only reason the story is even in the news is because a DNS lookup of NOA returns an address in Iran, and you know those Iranians.
Of course, the fact that a simple DNS lookup brings up an Iranian name and address does not support the notion that this was some deep-cover Iranian plot that they were desperately trying to keep on the down-low. Even the articles concede the operation doesn’t appear particularly sophisticated, but that the phony personae managed to get “at least 2,000 connections” in social media, a number which likely sounds high for the tech-illiterate readers the scare pieces target, but is probably only a bit more than your average highschooler.
The entire story originates with iSIGHT Partners, itself a relatively non-descript organization relying heavily on a presence in social media for credibility, and makes wild guesses as to what Iranian “threat actors” might conceivably be after. A tempest in a teapot, perhaps, but when that teapot has “made in Iran” stamped on it, that’s still good enough to make the front page of papers the world over.