Sweden’s security service, Sapo, has accused Iranian intelligence of orchestrating a cyber attack that targeted a Swedish text messaging service to send 15,000 messages to the public. The messages called for “revenge against Quran-burners” following several incidents in which anti-Islam activists burned copies of the Islamic holy book.
The data breach, which occurred in the summer of 2023, involved a cyber group named Anzu, believed to be linked to Iran’s Revolutionary Guards (IRGC). According to Swedish investigators, the group hacked into the SMS system of a Swedish company and sent messages aimed at inciting division in society by portraying Sweden as an Islamophobic country. The messages urged punishment for those involved in the Quran burnings.
The Quran burnings, carried out by far-right activists, sparked widespread anger in Muslim-majority countries.
Despite the Swedish government condemning the actions and police attempts to halt them, the country’s courts allowed the protests to proceed under Sweden’s freedom of expression laws. The incidents led to Sweden’s embassy in Iraq being set on fire by protesters, and the government faced significant diplomatic backlash.
In response to the controversy, Swedish prosecutors charged an Iraqi activist and an accomplice with incitement against an ethnic group in connection with the Quran burnings. Both men have denied any wrongdoing.
Sapo’s preliminary investigation found that the Anzu group hacked into a Swedish company’s SMS platform, gaining control of usernames, passwords, and tools used to send messages. On 1 August 2023, a large-scale SMS blast was sent to 15,000 Swedish citizens, calling for revenge against those responsible for burning the Quran.
Fredrik Hallstrom of Sapo stated that individuals involved in the cyber operation had direct links to Iran’s Revolutionary Guards. The messages, he said, had partially succeeded in amplifying the already existing threats against Sweden.
While investigators were able to identify the Iranian hackers behind the attack, Prosecutor Mats Ljungqvist confirmed that there was no possibility of extradition, and the investigation was subsequently shelved.
Justice Minister Gunnar Strommer described the cyber attack as a “very serious” act of destabilization. He emphasized the concern over a state actor such as Iran attempting to increase polarization in Sweden.
This is not the first time that Sapo has accused Iran of hostile activities. In May 2023, the security service reported that Tehran had used criminal networks in Sweden to conduct violent acts against individuals or groups it deemed a threat. Alongside Russia and China, Iran has been identified as one of the most significant security threats facing Sweden today.
Chioma Kalu
Follow us on: