Iran State TV Geo-Poli-Cyber hacked during Live Transmission.

A group of anti-Iranian government hackers going by the name of “Edalate Ali” (Justice of Ali) has claimed responsibility for hacking and interrupting a state-run TV channel’s live broadcast on Saturday.

It is worth noting that the cyberattack was carried out under the banner of “OpIran”, an operation initiated by the online hacktivist group Anonymous in support of Iranians protesting against the death of 22-year-old Kurdish-Iranian Masha Amini while under detention by Tehran’s morality police called Guidance Patrol. She was arrested for improperly wearing a hijab.

Amini’s death caused clashes between authorities and protestors, resulting in at least 150 deaths since the protests sparked on September 17th.

Who are Edaalat e Ali Hackers?

Edaalate Ali (Ali’s Justice or Ali’s Court) is a group of anti-Iranian government hackers that surfaced late August 2021 after it breached the computer system and security cameras at a prison facility in northern Tehran. As a result, the group leaked live footage of the grim conditions and grave human rights violations taking place in the prison.

Screenshot from Edalate Ali group’s Telegram channel in which the hackers are claiming responsibility for the hack.

Hack Details

As seen by, the Iranian broadcaster was hacked while airing a news bulletin on Saturday night. The incident’s clip was shared by the hackers on their official Telegram channel, whereas the country’s semi-official news agency, Tasnim, reported that the targeted channel was the Islamic Republic of Iran News Network (IRINN).

The Viral Clip

The channel’s bulletin was interrupted to air a message from the hackers, which quickly went viral. The clip shows the channel airing a news bit on Iran’s Supreme Leader Ayatollah Ali Khamenei’s meeting in Bushehr city.

The news suddenly gets disrupted, and a cartoon mask appears. The mask has a beard and heavy eyebrows and appears against a pitch-black background. This image is followed by Khamenei’s photo showing a target superimposed on the leader’s face.

Alongside Khamenei’s photo are pictures of the young women who became the victims of Iranian authorities’ brutality the previous month. This includes Hads Najafi, Nika Shahkarami, Sarina Esmailzadeh, and Masha Amini. With these photos, a message appeared on the screen, which read “The blood of our youth is dripping from your grip.”

This message also contained the hackers’ social media handles, and this image stayed on the screen for several seconds.


What started as an online campaign, OpIran, has now gone global where hackers from across the globe are taking on Telegram, the Dark Web, and Signal to teach Iranians about countering government surveillance., evading censorship and targeting key infrastructure.

On the other hand, According to Anonymous, the modus operandi of OpIran involves DDoS attacks (Distributed Denial of Service attacks), data breaches, social engineering attacks, quick tutorials on how to beat state censorship by using the Tor browser, and evading arrests by police.

Are you Citizen-Journalist Material?

Have a tip or scoop? Do you have info about corruption that needs to be investigated and responsibly exposed ? Get in touch securely via WhatsApp at +44 7771 927378 | Signal at +447766 098270

Receive Exclusives, Features & News Updates


What Are
Cyber™ Risks?

What Is Geo-Poli-Cyber™?

MLi Group created the terms Poli-Cyber™ and Geo-Poli-Cyber™ (GPC™) in 2012 and 2013 based on the philosophy that if you cannot identify and name the threat, you cannot mitigate that threat.

Geo-Poli-Cyber™ attacks are political, ideological, terrorist, extremist, ‘religious’, and/or geo-politically motivated.

Click to read more