Pro-Iran hackers claim attack on Spotify as ‘revenge’ for ayatollah’s killing
A pro-Iran hacking group that has claimed a spate of DDoS attacks against Western companies since the United States and Israel went to war against the Islamic Republic said it attacked Spotify today with the intent that “the hand of revenge will reach the killers of Imam Khamenei.”
Downdetector reflected thousands of reports of trouble at the audio streaming service, climbing sharply at about 1 p.m. EST. As users sounded off about the downtime on X, Spotify’s support account referred people to a post on the company’s community page: “We’ve received some reports mentioning that the app, support site and the Web Player are slow or not working properly. This is being investigated.”
The Islamic Cyber Resistance in Iraq – 313 Team, which claimed responsibility for a recent “rapid fire” attack on eBay, announced at 1:31 p.m. on the group’s Telegram channel that they “carried out a massive cyber attack targeting Spotify’s main servers, causing a major disruption to the website and completely disabling the application.”
They posted screenshots of Downdetector reports, and added an update at 2:06 p.m.: “We have increased the intensity of the attack on Spotify servers, and the login interface is now completely disabled.”
“We are maintaining a complete shutdown of Spotify’s core internal servers and keeping the login interface disabled. We will continue the attack for another two hours,” 313 Team posted at 3:06 p.m. “Major corporations will not escape punishment. The hand of retaliation will reach you.”
The Spotify issues and 313 Team claim came shortly after the hackers said WordPress had stymied their attack by stepping up security measures.
At 11:31 a.m. EST today, a Telegram post claimed 313 Team “launched a massive cyberattack targeting specific servers within WordPress systems,” specifically the login interface and control panel for websites hosted on WordPress.com. Downdetector showed a peak of 34 reports of user problems at 11:31 a.m., while the WordPress automatic status page had no incident reports for today.
“The attack on WordPress servers has been stopped due to the activation of multiple layers of protection, including browser verification to filter out overload,” 313 Team said in a 12:18 p.m. update. “We may resume the attack soon or move to another target.” That new target, they said over an hour later, was Spotify.
On Monday, 313 Team said they attacked Goodreads, generating hundreds of reports at Downdetector, but posted 17 minutes later that the book-lovers’ site “blocked the attack by setting up a load balancer.”
A 3:37 p.m. EST post claimed that they resumed by targeting Goodreads’ “entire infrastructure with a massive 3.5 terabyte attack,” coinciding with a peak of Downdetector reports.
The group has been relentlessly targeting American companies with DDoS attacks, claiming mid-month that it disrupted Bluesky with what the social media site called a “sophisticated” attack. They also claimed to be behind a mid-March Microsoft outage and took credit for hitting the X platform at the end of that month, and also have claimed attacks on Amazon Prime Video, Dropbox, Yahoo, AOL and more sites.
Their claimed eBay attack that began April 26 included an aggressive demand that the company respond directly to them as eBay acknowledged “intermittent technical issues” in a message to sellers.
One 313 Team post directly addressed eBay: “There is a simple way out. We have emailed you with our Session Contact ID. If you fail to reach out, we will continue our assault. You are losing money by the minute, stop being fools.”
Read More
