Iranians Charged by the US Government for Hacking

September 15, 2022 By Prelo Con

(Image Credit Google)

The US government charged three Iranian nationals for hacking into US-based computer networks. According to the indictment, the Iranians sent ransom demands to the printers of some of the victims. Also, the ransom demands were allegedly in exchange for BitLocker decryption keys victims needed to regain access to their data. Furthermore, the US Department of Justice (DOJ) stated in a press release, "The defendants' hacking campaign exploited known vulnerabilities in commonly used network devices and software applications to gain access and exfiltrate data and information from victims' computer systems." According to the DOJ, the three Iranians (Mansour Ahmadi, Ahmad Khatibi, and Amir Hossein Nickaein) and others "conducted encryption attacks against victims' computer systems, denying victims access to their systems and data unless a ransom payment was made." More details about the cyberattack US Government

The indictment revealed that the Iranians used an FRP (fast reverse proxy) tool "to maintain unauthorized 'back door' connections to victim networks." In addition, they sometimes allegedly connected victims' servers to a server leased by Nickaein. Also, for the attacks, the defendants and "their co-conspirators created and registered 'look-alike' web domains using a naming format designed to resemble the web domains of legitimate, well-known technology companies to deceive victims and disguise the illegal activities." Moreover, the indictment also described a few incidents where the attackers sent ransom demands to printers on hacked networks. Before sending these ransom demands, "a conspiracy member gained unauthorized access to the Domestic Violence Shelter's computer system and launched an encryption attack by activating BitLocker, thereby denying it access to some of its systems and data," disclosed the indictment. BitLocker is an encryption tool available on Windows. Who are the victims? US Government

Victims of the Iranian hackers include small businesses, non-profit programs, government agencies, educational and religious institutions, and "multiple critical infrastructure sectors, including health care centers, transportation services, and utility providers," the DOJ said in the press release. On another note, the indicted and their co-conspirators also demanded payment in Bitcoin and other cryptocurrencies. Unfortunately, many victims paid the ransom demand to recover their data. The types of threats victims received in the printed ransom demand -

We will sell your data if you decide not to pay or try to recover them.
Hi. Do not take any action for recovery. Your files may be corrupted and not recoverable. Just contact us.
We can block re-hacking. You are constantly at risk.
I locked more than 90 systems on your network. Are you ready to pay?

Unsurprisingly, this isn't the first hacking campaign that uses the "print bombing" tactic—sending ransom demands to printers of infected networks. According to the DOJ, the Iranians hacked networks in several countries, including "the United States, the United Kingdom, Israel, Iran, and elsewhere." The agency accused the Iranian government of "creating a safe haven where cyber criminals acting for personal gain flourish and defendants like these can hack and extort victims, including critical infrastructure providers." Charges Against the Iranian Hackers

The DOJ charged each of the three defendants with one count of conspiring to commit computer fraud and related activity in connection with computers, one count of transmitting a demand in relation to damaging a protected computer, and one count of intentionally damaging a protected computer. The agency also charged Ahmadi with an additional count of intentionally damaging a protected computer. Most importantly, the charge of intentional damage to protected computers carries a maximum sentence of 10 years in prison. And the other charges carry maximum sentences of five years each. "The offenses also carry a potential maximum fine of $250,000 or twice the gross amount of gain or loss resulting from the offense, whichever is greatest," the DOJ said. Unfortunately, the three defendants remain at large and outside the US, according to the DOJ.

By Prelo Con

Following my passion by reviewing latest tech. Just love it.

Iranians Charged by the US Government for Hacking

Walmart's GenAI Search Engine: Challenging Google's Dominance in Retail Search

Introducing the MSI Claw Handheld: Your Ultimate Gaming Companion

Uber Increases In-App Ads, Prompting Mixed Reactions from Customers

Apple's iOS 18: A Leap into the AI Era

Google's Regular Pixel 8 Won't Get Gemini Nano AI

MacBook Air M3 Makes Amends for M2's Storage Blunder

Samsung Unveils the Galaxy M15 5G

Elon Musk's xAI to Open-Source Chatbot Grok

Contra: Operation Galuga - A Modern Run-and-Gun Classic

Musk Confirms X's TV App Arrives This Week

The UK will look into Broadcom's proposed $61 billion acquisition of VMware in more detail.

Now Indeed is cutting the number of employees by up to 15%.

Elon Musk plans to build his own utopian town in Texas, for his workers

Celebs who rocked the "no-pants" trend, Kylie, Taylor Swift, Rita Ora Etc

After being suspended by the Nets for his refusal, Kyrie Irving finally issues an apology.

Is Your Boss Spying on You? The NLRB Can Stop It!