Iranian nationals charged with hacking U.S. companies, Treasury and State departments | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

The U.S. government on Tuesday took sweeping action against four Iranian nationals, accusing them of participating in hacking operations that targeted the U.S. Treasury and State departments, defense contractors and two New York-based companies on behalf of the Iranian Islamic Revolutionary Guard Corps (IRGC).

All four were indicted and charged with conspiracy to commit computer fraud, conspiracy to commit wire fraud, and wire fraud. They each face up to five years in prison for the computer fraud conspiracy charge and up to 20 years in prison for each count of wire fraud and conspiracy to commit wire fraud, the U.S. Department of Justice said in a statement.

The four were also sanctioned by the Treasury Department, and the State Department is offering a reward of up to $10 million and possible relocation for any information on three of the men or the companies with whom they’re associated. 

The accused defendants are Hossein Harooni, Reza Kazemifar, Komeil Baradaran Salmani and Alireza Shafie Nasab. The men have various connections to a pair of IRGC front companies, which were used to carry out various aspects of the attacks, according to the Treasury Department: Mehrsam Andisheh Saz Nik (MASN), previously known as Mahak Rayan Afzar, and Dadeh Afzar Arman (DAA).

Harooni was additionally charged with knowingly damaging a protected computer, which could add an additional 10-year prison penalty. Harooni, Salamani and Nasab were also charged with aggravated identity theft, which carries a mandatory consecutive term of two years in prison, the Department of Justice said.

An indictment against Nasab was previously unsealed in February for the same charges, and the State Department had already offered a $10 million reward for information leading to his location.

The men are accused of participating in “a coordinated multi-year campaign to conduct and attempt to conduct computer intrusions” between 2016 through at least April 2021, the Department of Justice said in a statement. The group primarily targeted cleared defense contractors, which are companies authorized to access, receive and store classified information in support of the U.S. Department of Defense.

The group also targeted an unnamed New York-based accounting firm and a New York-based hospitality company, according to the indictment. In total, the group stands accused of targeting more than a dozen U.S. companies, alongside the Treasury and State Departments, according to the State Department’s reward offer.

The Permanent Mission of the Islamic Republic of Iran to the United Nations in New York did not immediately respond to a request for comment.

Written by AJ Vicens

AJ covers nation-state threats and cybercrime. He was previously a reporter at Mother Jones. Get in touch via Signal/WhatsApp: (810-206-9411).


Click Here For The Original Story From This Source.


National Cyber Security