4 Iranian Individuals Charged With Conducting Hacking Scheme Against US, Private Entities
The U.S. Attorney for the Southern District of New York charged four Iranian nationals -- Hossein Harooni, Reza Kazemifar, Komeil Baradaran Salmani and Alireza Shafie Nasab -- with allegedly conducting cyber intrusions on U.S. government and private entities, including the Treasury and State departments, defense contractors and two New York-based companies, DOJ announced.
In conjunction with the indictment, the Treasury Department's Office of Foreign Assets Control sanctioned the four individuals, along with two companies, for the cyberattack (see 2404230052). The companies are Mehrsam Andisheh Saz Nik and Dadeh Afzar Arman, both of which OFAC said conduct cyber campaigns on behalf of the Iran Revolutionary Guard Corps.
Announcing the unsealing of an indictment against the four individuals, DOJ noted that all of the defendants "remain at large" and that the State Department is offering a reward of up to $10 million for information on the "identification or location of the group and the defendants."
From 2016 to 2021, the four individuals and "other conspirators were members of a hacking organization that participated in a coordinated multi-year campaign to conduct and attempt to conduct computer intrusion," DOJ said.
Kazemifar, Salmani and Nasab were employed by Mahak Rayan Afraz during the conspiracy and used "spearphishing," which tricks an email user into clicking on a "malicious link," to flood the victim's computer with malware. The group created and used a "particular computer application" that allowed for the spearphishing attacks, DOJ said. The cyber scheme also saw the conspirators use "social engineering, which involved impersonating others, generally women, to obtain the confidence of victims."
Each of the individuals allegedly held specific roles within the scheme. Kazemifar and Salmani tested the tools used by the scheme to carry out the cyber campaigns. Harooni was entrusted to procure, administer and manage the online network infrastructure used to conduct the computer intrusions. Nasab procured infrastructure used by the scheme. If convicted, each faces up to five years in prison for the conspiracy and up to 20 years in prison for each count of wire fraud and conspiracy to commit wire fraud, DOJ said.
Harooni also is charged with "knowingly damaging a protected computer," which comes with a maximum 10-year prison stint. Harooni, Salmani and Nasab are also charged with "aggravated identity theft, which carries a mandatory consecutive term of two years in prison."