Pro-Iranian Group Claims eBay, Spotify Attacks, Citing Major Disruptions
A pro-Iranian hacking group, “The Islamic Resistance in Iraq,” has claimed responsibility for a widespread cyberattack against eBay, asserting it caused severe two-day disruptions and hundreds of millions in damages. Cyber News - Erez Dasa notes that while eBay has not confirmed the financial loss figure, the reported $200 million per day is extrapolated from eBay’s public transaction volume.
The same group also claimed an attack on Spotify. However, Cyber News - Erez Dasa received reports of Spotify outages only after the attackers published their claims. This raises questions about the veracity of the Spotify claim; it could be a genuine attack or simply opportunistic disinformation following existing network issues. Defenders should treat such claims with skepticism until independent verification emerges, but not dismiss them entirely.
This incident highlights the ongoing trend of politically motivated groups targeting major Western corporations, often leveraging disruptive tactics. The attacker’s calculus here is likely about maximizing perceived impact and generating headlines, regardless of the full technical reality. For CISOs, this means a heightened need to monitor for both direct attacks and the weaponization of information surrounding them.
What This Means For You
- If your organization relies on major e-commerce platforms or SaaS providers like eBay or Spotify, understand their incident response capabilities and your own business continuity plans. Don't assume service availability. While direct impact might be on the vendor, disruption to their services can severely impact your operations. Verify outage claims directly with vendors, rather than relying solely on social media or threat actor pronouncements.
Written by SCW Threat Desk