In partnership with
CYBER SYRUP
Delivering the sweetest insights on cybersecurity.
The Future of Shopping? AI + Actual Humans.
AI has changed how consumers shop by speeding up research. But one thing hasn’t changed: shoppers still trust people more than AI.
Levanta’s new Affiliate 3.0 Consumer Report reveals a major shift in how shoppers blend AI tools with human influence. Consumers use AI to explore options, but when it comes time to buy, they still turn to creators, communities, and real experiences to validate their decisions.
The data shows:
Only 10% of shoppers buy through AI-recommended links
87% discover products through creators, blogs, or communities they trust
Human sources like reviews and creators rank higher in trust than AI recommendations
The most effective brands are combining AI discovery with authentic human influence to drive measurable conversions.
Affiliate marketing isn’t being replaced by AI, it’s being amplified by it.
U.S. Offers $10M Reward for Intel on Iranian Cyber Operators
The U.S. government has announced rewards of up to $10 million for information leading to the identification or arrest of members of Shahid Shushtari, an Iranian state-sponsored hacking group tied to widespread cyberattacks and foreign influence operations. The group, formerly known by several aliases including Emennet Pasargad and Cotton Sandstorm, is linked to Iran’s Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC).
Context
Since 2020, U.S. intelligence, law enforcement, and global cybersecurity researchers have tracked an Iranian cyber unit conducting operations targeting media, critical infrastructure, political processes, and private-sector systems across the U.S., Europe, and the Middle East. Their tactics combine hacking, data theft, psychological operations, and influence campaigns.
A 2023 joint U.S.-Israel advisory publicly identified the group’s infrastructure and front companies, revealing their role in attacks on major events and organizations.
What Happened
The U.S. State Department has now issued reward notices naming two key individuals:
Mohammad Bagher Shirinkar — identified as the group's leader
Fatemeh Sedighian Kashi — long-time member and operational coordinator
Officials state both individuals work closely to plan and carry out cyber operations targeting U.S. and allied infrastructure.
The rewards are part of the Rewards for Justice program, which now includes a Tor-based reporting channel for secure tip submissions.
Technical Breakdown
Shahid Shushtari (a.k.a. Emennet Pasargad / Cotton Sandstorm / Marnanbridge / Haywire Kitten) has a documented operational profile:
Initial access via credential harvesting, phishing, and exploiting vulnerable internet-facing systems
Data theft from critical infrastructure sectors, media outlets, and private organizations
Psychological and influence operations designed to amplify political narratives
Covert command-and-control (C2) operations using front companies
Multi-region targeting, with confirmed activity in the U.S., Israel, Europe, and the Middle East
The group previously targeted:
2020 U.S. presidential election systems
2024 Paris Olympics preparation infrastructure
Telecommunications, energy, financial services, travel, and shipping organizations
Impact Analysis
The group’s operations represent ongoing risks to national security, public trust, and enterprise resilience. Their campaigns combine:
Espionage — sensitive data theft
Disruption — attacks targeting service providers
Influence — attempts to sway public perception and political processes
These blended techniques elevate the group from a regional threat to a globally impactful entity.
Why It Matters
State-linked adversaries with both cyber and influence capabilities create multi-dimensional risk. Shahid Shushtari exemplifies:
The convergence of cyber intrusion and information warfare
The use of front companies to mask government-directed operations
The persistence of threat actors despite sanctions and public exposure
The U.S. reward program signals heightened urgency and represents a renewed effort to dismantle Iranian cyber operations.
Expert Commentary
U.S. officials emphasize that:
The group is operating from Tehran, directly under IRGC-CEC
Its activities span critical infrastructure, elections, and geopolitical influence
Tips from cybersecurity professionals, private companies, and the global public may lead to actionable intelligence
Cyber researchers note that multi-alias threat groups with long-running infrastructure are difficult to disrupt without international cooperation.
Key Takeaways
U.S. is offering up to $10M for information on Iranian cyber operators.
Threat group Shahid Shushtari (formerly Emennet Pasargad) tied to IRGC cyber command.
Linked to attacks on 2024 Olympics, critical infrastructure, and election interference.
Named individuals: Mohammad Bagher Shirinkar and Fatemeh Sedighian Kashi.
Group responsible for espionage, disruption, and influence operations.
Secure Tor tip line established for whistleblowers.