Iranian hacker uploads dead baby image onto Bournemouth University servers

For free real time breaking news alerts sent straight to your inbox sign up to our breaking news emails

Sign up to our free breaking news emails

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

A graphic image of a dead baby was uploaded by an Iranian hacker during a cyber-attack on a website used by Bournemouth University students earlier this month.

The shocking image was of an unborn baby, allegedly after it had been removed from its mother, who had been shot with “dirty Israeli bullets”, and had come from a file sharing website using Iran’s .ir domain.

The site in question is used to display IT students' work and upload it for marking, but was taken over by “Milad Hacking”, a member of the Ashiyane Digital Security team, who regularly tweet their latest attacks on websites using the hashtag #DEFACED.

Along with the image, a message reading “We Love Mohammad and Amir Rastegari” was left, referring to the deputy head of Tehran’s environment department for monitoring and supervision, who is also a rear admiral in the Iranian Navy.

Ashiyane Digital Security Team claims to be the oldest hacking group in Iran, founded by Behrooz Kamalian in 2002, and have links to the Iran Revolutionary Guard Corps (IRGC) – a branch of the Iranian military formed after the Iranian revolution.

Mr Kamalian was sanctioned by the EU in 2011 as he “and his organization helped the regime crack down on protesters during the 2009 political unrest in Iran”.

While the site was taken over, links at the top of the page took the user to different pages, related to the cyber-attack. One such link was to “Blackhat GH” - a black hat being defined as a hacker with malicious intentious, with GH possibly being a derivative of “Growth Hacking”.

Students had originally feared that their work was lost, but the hacker had only overridden the index.php, the default page of the website.

A spokesperson for the university confirmed that "the attack took place last weekend (8/9 March) and we are continuing our investigation" into this. The server is currently down while the university investigates.