Iranians tried to hack U.S. defense firms, says Justice… | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

The Justice Department on Tuesday unsealed an indictment against four Iranian men, alleging that for five years they participated in a campaign to hack U.S. defense companies.

Hossein Harooni, Reza Kazemifar, Komeil Baradaran Salmani, and Alireza Shafie Nasab are accused of participating from 2016 to 2021 in a group that sought to hack dozens of American companies. It also attempted to access the U.S. State Department and Treasury Department.

What are the exact charges these men are facing? The men face charges of conspiracy to commit computer intrusions, aggravated identity theft, and wire fraud. All four men remain at large, according to a Justice Department statement. They are presumed innocent until proven guilty in a court of law.

What private-sector firms did the hackers target? Most of the targets were defense contractors, according to the indictment. The men allegedly managed to compromise a management account at a U.S. defense company, and then create fake accounts within the company. They are accused of using the fake profiles to then target other companies with spearphishing scams, or phishing attacks focused on scamming individuals or small groups. In addition to the defense contractors, hackers also compromised more than 200,000 employee accounts at a New York-based accounting firm, according to the indictment. They attempted to do the same to roughly 2,000 employee accounts for a New York-based hospitality company.

What were the alleged roles of the specific defendants? Harooni allegedly maintained the infrastructure such as computer servers and custom software for the rest of the organization, while Nasab procured that infrastructure. Kazemifar and Salmani tested the tools the organization used in its hacking operations.

Dig deeper: Read Lauren Canterberry’s report in WORLD Magazine about a police crackdown on a major ransomware group.


Click Here For The Original Story From This Source.


National Cyber Security