Swedish authorities said on Sept. 24 that Iran was responsible for hacking into a messaging service and sending thousands of text messages urging people in the country to seek revenge for the 2023 Quran burnings.
The cyberattack was carried out by Iran’s Islamic Revolutionary Guard Corps (IRGC), which hacked into a Swedish company that runs a major SMS service and sent “15,000 text messages in Swedish” in response to a series of public burnings of the Islamic central religious text in August 2023, according to officials in Stockholm.
Senior prosecutor Mats Ljungqvist from the Swedish Prosecution Authority said a preliminary investigation by SAPO, Sweden’s domestic security agency, showed the data breach was carried out by the Iranian state via the IRGC.
The company was not named.
Tehran has not commented on the Swedish accusations.
Swedish broadcaster SVT published a photo of a text message that labeled Swedes as “demons” and said those “who desecrated the Quran must have their work covered in ashes.”
There is no blasphemy law in Sweden specifically prohibiting the burning or desecration of the Quran or other religious texts.
The rallies, approved by police, at which the book burnings took place caused friction within the Scandinavian nation and anger among Muslims. Sweden last year raised its terrorism alert following the burnings.
Sweden finally became a NATO member in March when Ankara dropped its objections.
At the time, the Swedish government said it “strongly rejects the Islamophobic act committed by individuals in Sweden,” adding that the desecration did not reflect the country’s stance on Islam.
In July last year, Iran’s supreme leader, Ayatollah Ali Khamenei, issued a statement saying that “the insult to the Holy Quran in Sweden is a bitter, conspiratorial, dangerous event” and that the desecration had “created feelings of hatred and enmity” in Muslim nations toward the people burning the Quran and their governments.
SAPO’s operational manager Fredrik Hallström said on Tuesday that the text messages were intended to “paint the image of Sweden as an Islamophobic country and create division in society.”
He accused foreign powers of seeking to “exploit vulnerabilities” and said they were “now acting more and more aggressively, and this is a development that is likely to escalate.”
He did not name specific countries.
Swedish Justice Minister Gunnar Strömmer told Swedish news agency TT “that a state actor, in this case Iran, according to [SAPO’s] assessment is behind an action that aims to destabilize Sweden or increase polarization in our country is of course very serious.”
Sweden’s domestic security agency in May accused Iran of using established criminal networks in Sweden as a proxy to target Israeli or Jewish interests in the Scandinavian country.
Ljungqvist said on Tuesday that although the preliminary investigation has been closed, it “does not mean that the suspected hackers have been completely written off” and that the probe could be reopened.
“Since the actors are acting for a foreign power, in this case Iran, we make the assessment that the conditions for prosecution abroad or extradition to Sweden are lacking for the persons suspected of being behind the breach,” Ljungqvist said.