One official from a company owned by Iran's Ministry of Telecommunications admitted that the company had restored the domain to Fars by using DNS spoofing, a type of hacking that redirects users to the wrong website when they try to access a certain URL.
Sajad Bonabi, a member of the board of directors of Telecommunications Infrastructures Company, admitted to the spoofing, also known as DNS cache poisoning, in a tweet on Saturday.
Bonabi added that websites and companies "that suspect they would be targeted by the cowardly sanctions of the United States" could contact the company he works for in order to learn precautionary measures.
"For the first time in Iran's Internet history, the Iranian regime has confirmed that the DNS spoofing was done. DNS spoofing is a method used by hackers to redirect the traffic of a particular website to another destination," said London-based digital security expert Amin Sabeti to Radio Farda.At the time of writing, Fars' websites in English and Farsi were not accessible from Israel. The news site was available from an Iranian '.ir' domain and continued to publish tweets. Fars called the blocking of the '.com' domain an "uncivilized move" and a "flagrant violation of the freedom of expression."Fars reported it received a letter from the international service provider saying that, "the US Treasury Department’s Office of Foreign Assets Control (OFAC) has included the news agency in its SDN list and ordered it to stop domain services to Fars News Agency.”
Former Shin Bet officials told The Jerusalem Post earlier this month that Iran may use advanced cybertools from China against Israel or the US in the wake of the assassination of former IRGC Quds Force commander Qasem Soleimani.
In March, Iranian intelligence hacked into the phone of Blue and White leader Benny Gantz, according to the Shin Bet (Israel Security Agency), and took all its contents – including sensitive information, according to Channel 12.
In April, Google blocked access to the YouTube and Gmail accounts of Iranian state broadcasters Press TV and Hispan TV, according to Forbes. Press TV claimed that Google blocked access "without prior notice" and that they had received a message telling them that their "Google Account was disabled and can't be restored because it was used in a way that violates Google's policies."
Iranian state TV and media companies have been earning advertising revenue from YouTube content and have garnered a following internationally.
It is unclear how US sanctions could affect this source of revenue for Iranian state TV.
The Shahrvand newspaper in Tehran reported that managers of the state-run Islamic Republic of Iran Broadcasting (IRIB) – located outside of Iran – can still claim the advertising money, even though YouTube and Google are under US law. The Iranian state TV's YouTube channels are officially based outside of Iran.
State TV channels have also been able to garner a following internationally through social media and live broadcasts, as a Press TV director explained in an interview with the Iranian Fars News Agency.
Radio Farda estimated that the IRIB can earn up to $100,000 a year, and that number could continue to rise.
Press TV and Hispan TV's YouTube channels are still open, but no new content can be uploaded.
Facebook also shut down multiple Iran-sponsored groups and accounts in April, saying that "the pages routinely amplified Iranian state narratives, targeting Israel, the United States, and Saudi Arabia, especially for their roles in the Middle East, and focusing on the Yemen and Palestine conflicts. The pages often shared articles from websites which reproduced, verbatim, content from Iranian state or state-allied outlets, such as Press TV."
Habib Abdul Hussein, director of Press TV's website and social networks, told Fars that the agency's budget is a small fraction of the budget of international media, and that it is still able to combat other narratives from external media.
Gil Hoffman and Yonah Jeremy Bob contributed to this report.