US charges, sanctions Iranians linked to Revolutionary Guard cyber command – Security


The US government has announced criminal charges and sanctions against four Iranians over an alleged multi-year cyber campaign targeting more than one dozen American companies, the Treasury Department and the State Department said.



Sanctions were also announced against two companies, Mehrsam Andisheh Saz Nik and Dadeh Afzar Arman, that according to the Treasury Department employed the individual defendants and were front companies for Iran’s Revolutionary Guard cyber command.

Federal prosecutors in Manhattan said the corporate targets were primarily defence contractors that had access to classified information, while other targets included a New York-based accounting firm and New York-based hospitality company.

Prosecutors said the defendants infected computers with malware by using spear phishing, which involves tricking email recipients into clicking malicious links, and impersonating women to gain people’s confidence.

More than 200,000 employee accounts were compromised at the accounting firm, and more than 2000 were compromised at the hospitality company, prosecutors said.

The alleged wrongdoing occurred between 2016 and 2021.

“Criminal activity originating from Iran poses a grave threat to America’s national security and economic stability,” US Attorney General Merrick Garland said in a statement.

The individual defendants Hossein Harooni, Reza Kazemifar, Alireza Nasab and Komeil Salmani are all in their mid- to late-30s and at large, prosecutors said.

Each was charged with wire fraud, wire fraud conspiracy and conspiracy to commit computer intrusions.

Harooni was also charged with damaging a protected computer, and Harooni and Nasab were charged with aggravated identity theft.



Source link