Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

U.S. Imposes Sanctions on Iranians for Hacking

U.S. Charges Iranians in Massive Hacking Scheme

U.S. Charges Iranians in Massive Hacking Scheme

The United States unveiled charges on Friday against nine Iranians for their alleged involvement in a massive state-sponsored hacking scheme which targeted hundreds of universities in the US and abroad and stole “valuable intellectual property and data.”

Ten Iranians were also hit with sanctions along with an Iranian company, the Mabna Institute, which engaged in computer hacking on behalf of Iran’s Revolutionary Guards, the US Treasury Department said.

The two founders of the Mabna Institute, Gholamreza Rafatnejad, 38, and Ehsan Mohammadi, 37, were among the nine Iranians indicted in New York and whose assets are subject to US seizure.

Since 2013, the Mabna Institute carried out cyber intrusions into the computer systems of 144 US universities, the Treasury Department said, and 176 universities in 21 foreign countries.

Mabna Institute employees and contractors “engaged in the theft of valuable intellectual property and data from hundreds of US and third-country universities… for private financial gain,” it said.

“For many of these intrusions, the defendants acted at the behest of the Iranian government and, specifically, the Iranian Revolutionary Guard Corps,” Deputy Attorney General Rod Rosenstein said.

The US Department of Labor, the US Federal Energy Regulatory Commission, dozens of private firms and non-governmental organizations such as the United Nations Children’s Fund were also allegedly targeted.

Geoffrey Berman, US Attorney for the Southern District of New York, said the Iranians conducted spearphishing attacks designed to steal passwords from email accounts in one of the “largest state-sponsored” hacking schemes ever uncovered.

– 8,000 accounts compromised –

The email accounts of more than 100,000 university professors worldwide were targeted, Berman said, and about 8,000 accounts were compromised.

He said 31 terabytes — about 15 billion pages — of academic data and intellectual property were stolen.

This included “research, and other academic data and documents, including, among other things, academic journals, theses, dissertations, and electronic books,” the Justice Department said.

“The defendants targeted data across all fields of research and academic disciplines, including science and technology, engineering, social sciences, medical, and other professional fields,” it said.

David Bowdich, deputy director of the FBI, said the defendants are in Iran and “apprehending these individuals presents a challenge.”

“(But) the long arm of the law reaches worldwide,” he said. “You cannot hide behind a keyboard half way around the world and expect not to be held to account,” Berman said.

One of the 10 Iranians subject to sanctions, Behzad Mesri, was already indicted in November 2017 in connection with the theft of scripts and plot summaries for HBO’s “Game of Thrones,” and for trying to extort $6 million in Bitcoin out of the network.

The Justice Department said that besides targeting university professors in the United States, the hackers also compromised accounts in Australia, Canada, China, Denmark, Finland, Germany, Ireland, Israel, Italy, Japan, Malaysia, Netherlands, Norway, Poland, Singapore, South Korea, Spain, Sweden, Switzerland, Turkey and the United Kingdom.

Rafatnejad, Mohammadi and the seven other Mabna Institute employees or contractors were charged with identity theft, conspiracy to commit computer intrusions and other crimes.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...