SecurityWeek

Cybercrime

US Charges Iranian Over Cyberattacks on Government, Defense Organizations

The US has charged an Iranian company’s employee over cyberattacks on State and Treasury Departments and defense contractors.

The US Justice Department on Thursday announced charges against an Iranian national allegedly involved in hacking operations, including ones aimed at government and private sector organizations. 

The defendant, 39-year-old Alireza Shafie Nasab, is accused of taking part in hacking campaigns between at least 2016 and 2021. Some of the victims of these campaigns were the US State and Treasury Departments, defense contractors, and a dozen companies, including two accounting and hospitality companies based in New York.

Nasab allegedly worked at Mahak Rayan Afraz, an Iranian IT company with ties to the Islamic Revolutionary Guard Corps (IRGC). The firm’s executives are said to have links to firms sanctioned by the United States.

Mahak Rayan Afraz was previously linked to malware development and cyberespionage operations. 

The private sector victims targeted by Nasab and his accomplices were mainly cleared defense contractors, from which they attempted to steal sensitive or classified information. The attackers relied on spearphishing emails and social engineering to deliver malware to targeted entities. 

According to the DoJ, the hackers compromised more than 200,000 employee accounts during their attack against one victim. 

“In the course of these spear phishing attacks, the conspirators compromised an administrator email account belonging to a defense contractor (Defense Contractor-1),” the DoJ said. “Access to this administrator account empowered the conspirators to create unauthorized Defense Contractor-1 accounts, which the conspirators then used to send spear phishing campaigns to employees of a different defense contractor and a consulting firm.”

Nasab was allegedly in charge of procuring infrastructure for the hacking operations. He has been charged with conspiracy to commit computer fraud, conspiracy to commit wire fraud, wire fraud, and aggravated identity theft. Some of these charges carry a sentence of up to 20 years in prison.

Nasab remains at large. A reward of up to $10 million is being offered for information that can be used to identify or locate the Iranian national. 

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
