Iranians Hacked A Domestic Violence Shelter And U.S. Power Companies In Ransomware Rampage, DOJ Says

The Justice Department announced charges on Tuesday against three Iranian nationals who between October 2020 and 2022 allegedly hacked into hundreds of organizations across multiple countries, including the U.S., the U.K. and Russia.

According to the DOJ, the hackers broke into computers and used Microsoft’s BitLocker security tool, which secures files, to lock up victims’ data. They then allegedly stole data and sent ransom demands, some of which were printed out using office printers. The victims ranged widely, from small businesses and utility companies to local government agencies and nonprofits, including a domestic violence shelter in Pennsylvania.

A senior DOJ official, speaking to press ahead of the indictment release, said that there was no evidence the targeted power companies had suffered any downtime as a result of the breaches. In the case of the shelter, it paid $13,000 in bitcoin to recover its files. The DOJ did not state how much the ransomware group had made in total.

The three charged were named as Mansour Ahmadi, Ahmad Khatibi Aghda and Amir Hossein Nickaein Ravari. With no legal representation or public profiles, they were not immediately contactable at the time of publication. The DOJ believes they remain in Iran, and that they would not be able to leave the country without risking arrest. The State Department is offering $10 million for information leading to the identification or location of the men.

The DOJ official said the hackers were seeking financial gain and were not working on behalf of the Iranian government.

However, alongside the DOJ announcement, the U.S. Treasury Department sanctioned the alleged hackers and claimed they were executives at two Iranian government contractors, Najee Technology and Afkar System. Forbes could not immediately find contact details for the companies, both of which were also sanctioned, alongside seven other employees.

The FBI, without naming individuals, at the same time issued an advisory saying a group of hackers working for the two Iranian military contractors had been carrying out ransomware attacks on American, U.K., Australian and Canadian organizations. Their victims include a U.S. police department, an American regional transportation system and an aerospace company group. They targeted vulnerabilities in software made by Microsoft and network security company Fortinet, amongst others, and hit organizations in over 100 different countries, according to the FBI.

The U.S. alleges the hackers appear to be working for the government and doing cybercrime as a side hustle. “You’ve got a group of folks who have some level of state employment or doing something for the state, but also up to something on the side to make money,” the DOJ official added. “That raises another issue or another layer of state responsibility that doesn’t appear in the indictment.”

The indictment comes after numerous reprimands made by the U.S. against Iranian hackers. The U.S. Treasury announced last week that it was sanctioning Iran’s Ministry of Intelligence and Security and its chief for attacks on the Albanian government, which led to online public services going down across the country. The DOJ official said he expected more sanctions to come from the Treasury and the State Department.
