The U.S. government on Tuesday took sweeping action against four Iranian nationals, accusing them of participating in hacking operations that targeted the U.S. Treasury and State departments, defense contractors and two New York-based companies on behalf of the Iranian Islamic Revolutionary Guard Corps (IRGC).

All four were indicted and charged with conspiracy to commit computer fraud, conspiracy to commit wire fraud, and wire fraud. They each face up to five years in prison for the computer fraud conspiracy charge and up to 20 years in prison for each count of wire fraud and conspiracy to commit wire fraud, the U.S. Department of Justice said in a statement.

The four were also sanctioned by the Treasury Department, and the State Department is offering a reward of up to $10 million and possible relocation for any information on three of the men or the companies with whom they’re associated.Â

The accused defendants are Hossein Harooni, Reza Kazemifar, Komeil Baradaran Salmani and Alireza Shafie Nasab. The men have various connections to a pair of IRGC front companies, which were used to carry out various aspects of the attacks, according to the Treasury Department: Mehrsam Andisheh Saz Nik (MASN), previously known as Mahak Rayan Afzar, and Dadeh Afzar Arman (DAA).

Harooni was additionally charged with knowingly damaging a protected computer, which could add an additional 10-year prison penalty. Harooni, Salamani and Nasab were also charged with aggravated identity theft, which carries a mandatory consecutive term of two years in prison, the Department of Justice said.

An indictment against Nasab was previously unsealed in February for the same charges, and the State Department had already offered a $10 million reward for information leading to his location.

The men are accused of participating in “a coordinated multi-year campaign to conduct and attempt to conduct computer intrusions” between 2016 through at least April 2021, the Department of Justice said in a statement. The group primarily targeted cleared defense contractors, which are companies authorized to access, receive and store classified information in support of the U.S. Department of Defense.

The group also targeted an unnamed New York-based accounting firm and a New York-based hospitality company, according to the indictment. In total, the group stands accused of targeting more than a dozen U.S. companies, alongside the Treasury and State Departments, according to the State Department’s reward offer.

The Permanent Mission of the Islamic Republic of Iran to the United Nations in New York did not immediately respond to a request for comment.

The post Iranian nationals charged with hacking U.S. companies, Treasury and State departments appeared first on CyberScoop.

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Using AI-Generated Legislative Amendments as a Delaying Technique

April 17, 2024 0 Comments 0 tags

Canadian legislators proposed 19,600 amendments—almost certainly AI-generated—to a bill in an attempt to delay its adoption. I wrote about many different legislative delaying tactics in A Hacker’s Mind, but this

Licensing AI Engineers

March 25, 2024 0 Comments 0 tags

The debate over professionalizing software engineers is decades old. (The basic idea is that, like lawyers and architects, there should be some professional licensing requirement for software engineers.) Here’s a

Three-Quarters of Cyber Incident Victims Are Small Businesses

March 12, 2024 0 Comments 0 tags

Three-quarters of cyber-incidents Sophos responded to involved small businesses in 2023, with attackers’ main goal being data theft