fbpx
Absa Bank Kenya Partners with Huawei to Build a New Digital Foundation for Branch NetworksRead more Stylish and compact, these new Canon instant printers make creative pursuits easyRead more Nigerian Law Enforcement agencies open investigations on Hawilti and company executives for criminal breach of trust, cheating, defrauding investors schemeRead more Famine looms in Somalia, but many ‘hunger hotspots’ are in deep troubleRead more Launch of the 3rd Edition of the Choiseul Africa Business Forum, a Must-Attend Event for the Business Community in Africa October 19th & 20th, 2022 in Casablanca, MoroccoRead more World’s Biggest Afrobeats Music Festival Afro Nation Extends Partnership with APO Group until 2025Read more Master Trainer (MT) National Meeting on Sustainable Coffee Practices Organized by The International Islamic Trade Finance Corporation in Collaboration with The Sustainable Coffee Platform of Indonesia (SCOPI)Read more Thai Ambassador met the Thai Community in Dar es Salaam and Zanzibar and visited the Buddhist Temple in TanzaniaRead more Generation Africa awards US$100,000 to two young agripreneurs from Kenya and Uganda in the fourth annual GoGettaz Agripreneur Prize Competition at the African Green Revolution Forum Summit in Kigali, RwandaRead more Medicaid Cancer Foundation and AstraZeneca celebrate Prostate Cancer Awareness month with the launch of Project Icon NigeriaRead more

US indicts Iranians who hacked power company, women’s shelter

show caption
This handout image by the US State Department shows Iranian cyber actors wanted for their alleged involvement in a coordinated campaign to hack and extort hundreds of computer networks and organizations in the United States and abroad./AFP
Print Friendly and PDF

Sep 15, 2022 - 03:47 AM

WASHINGTON — The US Department of Justice announced an indictment Wednesday against three Iranian hackers who used ransomware to extort a battered women’s shelter and a power company.

Authorities said the trio launched ransomware attacks at “hundreds” of victims, including inside Britain, Australia, Iran, Russia and the United States, saying they extorted money “largely” for their own accounts, and not for the Iranian government.

But a separate US Treasury announcement of sanctions said the three were part of a larger hacking group tied to Iran’s powerful Islamic Revolutionary Guard Corps (IRGC), and the US State Department has offered a $10 million reward for information on them.

The indictment identified the three as Mansour Ahmadi, Ahmad Khatibi Aghda, and Amir Hossein Nikaeen Ravari.

It said that between October 2020 and August 2022, the men used known vulnerabilities in computer systems to attack multiple targets in the United States, stealing their data and demanding up to hundreds of thousands of dollars to have it returned.

Those included local governments, a shelter for victims of domestic violence, a children’s hospital in Boston, accounting firms and electricity generating companies.

The victims were not methodically chosen but were “targets of opportunity” whose computer systems were vulnerable to hacking, officials said.

“The indictment does not allege that these actors undertook these actions on behalf of the Government of Iran,” a senior Justice Department official told reporters.

The three “engaged in a pattern of hacking, cyber-theft, and extortion largely for personal gain,” FBI Director Chris Wray said in a separate statement.

But a concurrent announcement by the US Treasury said the three were part of a group of 10 Iranian hackers targeted with sanctions that was backed by the Revolutionary Guards.

“This IRGC-affiliated group is known to exploit software vulnerabilities in order to carry out their ransomware activities, as well as engage in unauthorized computer access, data exfiltration, and other malicious cyber activities,” the Treasury said.

Their actions align with those of known Iranian cyberattack operations which private cyber security groups have dubbed “APT35,” “Charming Kitten” and “Phosphorous,” Treasury added.

MAORANDCITIES.COM uses both Facebook and Disqus comment systems to make it easier for you to contribute. We encourage all readers to share their views on our articles and blog posts. All comments should be relevant to the topic. By posting, you agree to our Privacy Policy. We are committed to maintaining a lively but civil forum for discussion, so we ask you to avoid personal attacks, name-calling, foul language or other inappropriate behavior. Please keep your comments relevant and respectful. By leaving the ‘Post to Facebook’ box selected – when using Facebook comment system – your comment will be published to your Facebook profile in addition to the space below. If you encounter a comment that is abusive, click the “X” in the upper right corner of the Facebook comment box to report spam or abuse. You can also email us.