Cyber
4 Iranians indicted for alleged malicious multi-year cyber campaign targeting US government and defense firms
2024-04-24
[FoxNews] Four Iranian nationals were indicted Tuesday for allegedly being part of a multi-year "malicious cyber ops" campaign targeting the U.S. State and Treasury departments, defense contractors and two companies in New York.

The Department of Justice (DOJ) unsealed the indictment in a Manhattan federal court, charging Hossein Harooni, Reza Kazemifar, Komeil Baradaran Salmani, and Alireza Shafie Nasab with computer fraud, conspiracy to commit wire fraud, wire fraud and other charges.

Along with the unsealing of the indictment against the four conspirators, the U.S. Department of State’s Rewards for Justice program (RFJ) announced it was offering up to $10 million for information leading to the identification or location of the group and the defendants, the DOJ said.

The Treasury Department also announced sanctions against the four conspirators and other cyber actors.

The indictment alleges that from at least 2016 through April 2021, Harooni, Kazemifar, Salmani, Nasab and others were part of a hacking organization accused of participating in a multi-year, coordinated campaign to conduct computer intrusions.

The hackers targeted over a dozen U.S. companies as well as the U.S. Treasury and U.S. State Department.

Kazemifar, Salmani and Nasab worked for Mahak Rayan Afraz, a company based in Iran that offered cybersecurity services, but the DOJ alleges the company was just a front for their operation.

Those targeted in the private sector were cleared by defense contractors with security clearance granted by the U.S. Department of Defense (DoD), allowing them to access, receive and store classified information to conduct activities in support of DoD programs.

The alleged hackers also targeted an accounting firm and a hospitality company, both located in New York.

While conducting the hacking campaigns, the conspirators tricked email recipients into clicking on links that turned out to be malicious and infected the computers with malware.

In one campaign, the group targeted one victim, which resulted in over 200,000 employee accounts becoming compromised.

The hackers conducted another campaign in which they targeted about 2,000 employee accounts, the DOJ said.

As the group continued with their attacks, the hackers were able to access an administrator's email account belonging to a defense contractor. The access allowed the conspirators to establish unauthorized accounts that were used to send hacking campaigns to employees of another defense contractor and a consulting firm.

The indictment noted that Kazemifar was responsible for testing the tools used in the campaigns. He also allegedly worked for the Iranian Organization for Electronic Warfare and Cyber Defense (EWCD), which is part of the Islamic Revolutionary Guard Corps (IRGC).

The U.S. has designated the IRGC as a foreign terrorist organization.

Harooni, the indictment alleged, procured, administered and managed the group’s infrastructure – things like computer servers and software used to conduct the hacking operations.

He also allegedly used a real person’s passport to conceal his role in the campaign.

Salmani, like Kazemifar, tested the tools used to execute hacking campaigns, including that used against a hospitality company.

Nasab is accused of creating the infrastructure used in social engineering campaigns in which women were used to gain confidence from victims before deploying malware on their computers and devices.

All four conspirators were charged with conspiracy to commit computer fraud, conspiracy to commit wire fraud and wire fraud. They face up to five years in prison for computer fraud conspiracy and up to 20 years in prison for each count of wire fraud and conspiracy to commit wire fraud.

The DOJ said Harooni was also charged with knowingly damaging a protected computer, which has a maximum sentence of 10 years in prison if found guilty. The DOJ charged Harooni, Salmani and Nasab with aggravated identity theft, as well.
Rudaw summarizes:
The US Department of Treasury on Tuesday slapped sanctions on two Iranian companies and four individuals for their alleged involvement in "malicious" cyber activity on behalf of Iran’s revolutionary guards.

"Today, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two companies and four individuals involved in malicious cyber activity on behalf of the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC)," read a statement from the Department.

"These actors targeted more than a dozen U.S. companies and government entities through cyber operations, including spear phishing and malware attacks. In conjunction with today’s action, the U.S. Department of Justice and the Federal Bureau of Investigation is unsealing an indictment against the four individuals for their roles in cyber activity targeting U.S. entities," it added.

Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson was cited in the statement as saying that "Iranian malicious cyber actors continue to target U.S. companies and government entities in a coordinated, multi-pronged campaign intended to destabilize our critical infrastructure and cause harm to our citizens."

Posted by: Skidmark

00:00