U.S. charges 3 Iranian nationals in global hacking campaign
The Justice Department has charged three Iranian nationals for a global computer hacking campaign that allegedly targeted hundreds of victims for extortion, including local U.S. governments, power companies and a domestic violence shelter.
According to an indictment unsealed in New Jersey, Mansour Ahmadi, Ahmad Khatibi and Amir Hossein Nickaein began their hacking conspiracy in October of 2020, and took aim at companies and institutions in the United States, Britain, Israel, Russia and Iran.
“By charging them in this indictment, by publicly naming them, we are stripping their anonymity away,” said the U.S. Attorney for New Jersey Philip Sellinger in announcing the charges. “They cannot operate anonymously from the shadows anymore. We have put a spotlight on them as wanted criminals.”
The indictment says the defendants exploited known vulnerabilities in network devices and software to steal data from their victims’ computer systems. In some instances, they allegedly encrypted data on a victim’s system and demanded ransom to decrypt it, while in others they threatened to release the stolen data unless a victim paid them not to do so.
The ransom demands, prosecutors say, were either sent to a victim’s printer or via email. Payment was to be made in cryptocurrency.
One note, for example, that was sent to an accounting firm in Illinois read: “Hi! If you are reading this, it means your data is encrypted and your private sensitive information is stolen! Read carefully the whole instructions to avoid any problems. You have to contact us immediately to resolve this issue and make a deal!”
The targets of the ransom and extortion campaign varied.
There was a municipality in Union County, N.J., and a county government in Wyoming; a public housing corporation in Washington state; a domestic violence shelter in Pennsylvania; accounting firms in New Jersey and Illinois; and regional power companies in Mississippi and Indiana.
While officials say the victims appeared to be targets of opportunity, the U.S. attorney for New Jersey noted a through line among many of them.
“A common feature of the victims was that they provided essential services—local government, housing power, a domestic violence shelter,” Sellinger said. “Services people depend upon every day. Services that, if taken away, hurt the public.”
The indictment does not allege that the defendants were working at the behest of the Iranian government.
None of the defendants is in U.S. custody. Justice Department officials say all three of them are believed to be in Iran.