They are accused of targeting hundreds of computer networks around the world
US authorities announced Wednesday that they had indicted three Iranian hackers for ransomware attacks against hundreds of entities around the world, including a shelter for victims of domestic violence or a children’s hospital.
Mansour Ahmadi, 34, Ahmad Khatibi Aghda, 45, and Amir Hossein Nickaein, 30, are accused of carrying out a series of cyber attacks since October 2020 in the US, UK, Israel, Russia, but also inside Iran, according to the indictment released on Wednesday.
This document mentions no connection with the Iranian government and the federal police argue that the “main” purpose of these cyber attacks was personal enrichment.
The State and Treasury Department, on the other hand, ensures that they are part of a group of pirates “affiliated with the Revolutionary Guards”, the ideological army of Iran.
In separate press releases, these two ministries announced they were sanctioning them, along with seven other Iranians and two Iranian companies.
The State Department is offering a $ 10 million reward for any information leading to their position. “This demonstrates our determination to prevent any ransomware attack against our infrastructure,” said US Foreign Minister Antony Blinken.
The three men are likely to be in Iran, a senior Justice Ministry official said on condition of anonymity.
Specifically, they are accused of targeting hundreds of computer networks around the world. In the United States, their goals include small businesses, an electricity company, a children’s hospital in Boston, municipalities, or the association representing American lawyers (ABA).
Each time, they exploited the system’s flaws to encrypt their victims’ data and demanded payment of several thousand dollars in exchange for the decryption key. Some have accepted: the shelter for battered women, located in Pennsylvania, has thus paid 13 thousand dollars to recover her data and prevent its disclosure.
“They engaged in hacking, computer theft and extortion primarily for personal gain,” FBI Director Christopher Wray said in a video posted on the federal police website.
Christopher Wray announces the publication of a bulletin on the “wider risk posed by cyber actors affiliated with the Iranian state”, also adopted by the authorities of Canada, Australia and the United Kingdom.
The Iranian regime is regularly accused of being responsible for cyber attacks abroad, which it denies. The Albanian government recently severed ties with Tehran, blaming it for a massive campaign against its digital infrastructure and then its police.
–
