Iranians Charged by the US Government for Hacking

The US government charged three Iranian nationals with hacking into US-based computer networks. According to the indictment, the Iranians sent ransom demands to the printers of some of the victims. The demands allegedly offered, in exchange for payment, the BitLocker decryption keys victims needed to regain access to their data.

The US Department of Justice (DOJ) stated in a press release, “The defendants’ hacking campaign exploited known vulnerabilities in commonly used network devices and software applications to gain access and exfiltrate data and information from victims’ computer systems.” According to the DOJ, the three Iranians (Mansour Ahmadi, Ahmad Khatibi, and Amir Hossein Nickaein) and others “conducted encryption attacks against victims’ computer systems, denying victims access to their systems and data unless a ransom payment was made.”

More details about the cyberattack

The indictment revealed that the Iranians used an FRP (fast reverse proxy) tool “to maintain unauthorized ‘back door’ connections to victim networks.” They also allegedly sometimes connected victims’ servers to a server leased by Nickaein. For the attacks, the defendants and “their co-conspirators created and registered ‘look-alike’ web domains using a naming format designed to resemble the web domains of legitimate, well-known technology companies to deceive victims and disguise the illegal activities.”

The indictment also described a few incidents where the attackers sent ransom demands to printers on hacked networks. Before sending these ransom demands, “a conspiracy member gained unauthorized access to the Domestic Violence Shelter’s computer system and launched an encryption attack by activating BitLocker, thereby denying it access to some of its systems and data,” the indictment stated. BitLocker is an encryption tool available on Windows.

Who are the victims?

Victims of the Iranian hackers include small businesses, non-profit programs, government agencies, educational and religious institutions, and “multiple critical infrastructure sectors, including health care centers, transportation services, and utility providers,” the DOJ said in the press release.

The defendants and their co-conspirators demanded payment in Bitcoin and other cryptocurrencies. Unfortunately, many victims paid the ransom demand to recover their data.

The types of threats victims received in the printed ransom demands:

  • We will sell your data if you decide not to pay or try to recover them.
  • Hi. Do not take any action for recovery. Your files may be corrupted and not recoverable. Just contact us.
  • We can block re-hacking. You are constantly at risk.
  • I locked more than 90 systems on your network. Are you ready to pay?

Unsurprisingly, this isn’t the first hacking campaign to use the “print bombing” tactic (sending ransom demands to printers on infected networks).

According to the DOJ, the Iranians hacked networks in several countries, including “the United States, the United Kingdom, Israel, Iran, and elsewhere.” The agency accused the Iranian government of “creating a safe haven where cyber criminals acting for personal gain flourish and defendants like these can hack and extort victims, including critical infrastructure providers.”

Charges Against the Iranian Hackers

The DOJ charged each of the three defendants with one count of conspiring to commit computer fraud and related activity in connection with computers, one count of transmitting a demand in relation to damaging a protected computer, and one count of intentionally damaging a protected computer. The agency also charged Ahmadi with an additional count of intentionally damaging a protected computer.

The charge of intentional damage to protected computers carries a maximum sentence of 10 years in prison, and the other charges carry maximum sentences of five years each. “The offenses also carry a potential maximum fine of $250,000 or twice the gross amount of gain or loss resulting from the offense, whichever is greatest,” the DOJ said.

Unfortunately, the three defendants remain at large and outside the US, according to the DOJ.

By Prelo Con