One Iranian hacker is a threat to the security of the entire country.
The United States Department of Justice has filed charges against Alireza Shafi Nasab, an Iranian citizen . According to the investigation, the man for several years led a large-scale cyber operation that affected hundreds of thousands of accounts and aimed at penetrating the computer systems of US defense contractors and government departments.
According to the indictment, Nasab and his associates operated under the cover of a fictional cybersecurity company, Mahak Rayan Afraz. Using phishing emails, social engineering techniques, and custom-made malware, they compromised American targets between 2016 and April 2021.
"Nasab was a participant in a cyber operation in which more than 200,000 devices were hacked through phishing and other hacking tricks, many of which contained classified defense information," said Damian Williams, prosecutor for the Southern District of New York.
The main targets of Nasab and his group were organizations associated with the Pentagon, but other victims were also on their way. Among them: audit firms, hotels in New York, as well as the State Department, the US Treasury Department and one unnamed foreign country.
Although the indictment does not disclose whether the hackers managed to break into government structures, it is known that in recent years, the State Department and the US Treasury Department have already been hacked, the responsibility for which was assigned to China and Russia, respectively.
According to the Ministry of Justice, members of the group also resorted to social engineering, posing as women "to gain the trust of victims."
Mahak Rayan Afraz has previously attracted the attention of cybersecurity experts. In 2021, Facebook* "took action" against the Iranian hacker group Tortoiseshell, which, according to Symantec, had links with Mahak Rayan Afraz. According to Facebook, some of the malware used by Tortoiseshell was also developed by Nasab's associates. It is worth noting that the American authorities also associate this crash site with the Islamic Revolutionary Guard Corps.
Nasab is charged with conspiracy to commit computer fraud, fraud involving the use of electronic means of communication, and theft of personal data. In the most unfavorable case, he faces up to 47 years in prison.
However, detaining Nasab, who is an Iranian citizen, may not be an easy task. He is currently on the international wanted list. The US State Department has awarded a $ 10 million reward for information that will help determine his whereabouts.
"This case demonstrates the pernicious cyber environment in Iran, where criminals are given full freedom to attack computer systems abroad and create threats to confidential information and critical infrastructure in the United States," said Matthew Olsen, Assistant Attorney General for National Security. "Our National Security Cybercrime division is focused on stopping such cross-border hacking schemes and bringing those responsible to justice."
The United States Department of Justice has filed charges against Alireza Shafi Nasab, an Iranian citizen . According to the investigation, the man for several years led a large-scale cyber operation that affected hundreds of thousands of accounts and aimed at penetrating the computer systems of US defense contractors and government departments.
According to the indictment, Nasab and his associates operated under the cover of a fictional cybersecurity company, Mahak Rayan Afraz. Using phishing emails, social engineering techniques, and custom-made malware, they compromised American targets between 2016 and April 2021.
"Nasab was a participant in a cyber operation in which more than 200,000 devices were hacked through phishing and other hacking tricks, many of which contained classified defense information," said Damian Williams, prosecutor for the Southern District of New York.
The main targets of Nasab and his group were organizations associated with the Pentagon, but other victims were also on their way. Among them: audit firms, hotels in New York, as well as the State Department, the US Treasury Department and one unnamed foreign country.
Although the indictment does not disclose whether the hackers managed to break into government structures, it is known that in recent years, the State Department and the US Treasury Department have already been hacked, the responsibility for which was assigned to China and Russia, respectively.
According to the Ministry of Justice, members of the group also resorted to social engineering, posing as women "to gain the trust of victims."
Mahak Rayan Afraz has previously attracted the attention of cybersecurity experts. In 2021, Facebook* "took action" against the Iranian hacker group Tortoiseshell, which, according to Symantec, had links with Mahak Rayan Afraz. According to Facebook, some of the malware used by Tortoiseshell was also developed by Nasab's associates. It is worth noting that the American authorities also associate this crash site with the Islamic Revolutionary Guard Corps.
Nasab is charged with conspiracy to commit computer fraud, fraud involving the use of electronic means of communication, and theft of personal data. In the most unfavorable case, he faces up to 47 years in prison.
However, detaining Nasab, who is an Iranian citizen, may not be an easy task. He is currently on the international wanted list. The US State Department has awarded a $ 10 million reward for information that will help determine his whereabouts.
"This case demonstrates the pernicious cyber environment in Iran, where criminals are given full freedom to attack computer systems abroad and create threats to confidential information and critical infrastructure in the United States," said Matthew Olsen, Assistant Attorney General for National Security. "Our National Security Cybercrime division is focused on stopping such cross-border hacking schemes and bringing those responsible to justice."
