Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Vulnerabilities & Exploits » U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks

U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks

U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks

https://firewall.firm.in/wp-content/uploads/2024/04/iran.png

Apr 24, 2024NewsroomCyber Attack / Cyber Espionage

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Monday sanctioned two firms and four individuals for their involvement in malicious cyber activities on behalf of the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC) from at least 2016 to April 2021.

This includes the front companies Mehrsam Andisheh Saz Nik (MASN) and Dadeh Afzar Arman (DAA), as well as the Iranian nationals Alireza Shafie Nasab, Reza Kazemifar Rahman, Hossein Mohammad Harooni, and Komeil Baradaran Salmani.

“These actors targeted more than a dozen U.S. companies and government entities through cyber operations, including spear-phishing and malware attacks,” the Treasury Department said.

Concurrent with the sanctions, the U.S. Department of Justice (DoJ) unsealed an indictment against the four individuals for orchestrating cyber attacks targeting the U.S. government and private entities.

Cybersecurity

Furthermore, a reward of up to $10 million has been announced as part of the U.S. Department of State’s Rewards for Justice program for information leading to the identification or location of the group and the defendants.

It’s worth noting that Nasab, who worked for MASN, was charged in a previous indictment that was unsealed on February 29, 2024. The defendants remain at large.

Rahman, also employed by MASN, is alleged to have worked on testing malware intended to target job seekers with a focus on military veterans. He also purportedly worked for the Iranian Organization for Electronic Warfare and Cyber Defense (EWCD), a component of IRGC, from about 2014 through 2020.

MASN (formerly Mahak Rayan Afraz and Dehkadeh Telecommunication and Security Company) is tracked by the cybersecurity community under the name Tortoiseshell and is one of the many contracting companies that act as a cover for malicious campaigns orchestrated by IRGC. It was liquidated in June 2023.

The U.S. Treasury Department said the second sanctioned company also “engaged in malicious cyber campaigns on behalf of the IRGC-CEC,” noting that Harooni was employed by DAA and has carried out spear-phishing and social engineering attacks against U.S. organizations.

Salmani is said to be associated with multiple IRGC-CEC front companies, including MASN, and involved in spear-phishing campaigns targeting U.S. entities. Nasab, Harooni, and Salmani have also been responsible for procuring and maintaining the online network infrastructure used to facilitate the intrusions, the DoJ said.

In all, in the coordinated multi-year hacking spree, the defendants primarily singled out private sector defense contractors and other government entities, ultimately compromising more than 200,000 employee accounts.

Each of the defendants has been charged with conspiracy to commit computer fraud, conspiracy to commit wire fraud, and wire fraud. If convicted, they face up to five years in prison for the computer fraud conspiracy, and up to 20 years in prison for each count of wire fraud and conspiracy to commit wire fraud.

Cybersecurity

Furthermore, Harooni has been charged with knowingly damaging a protected computer, which carries a maximum penalty of 10 years in prison. Nasab, Harooni, and Salmani have also been charged with aggravated identity theft, which carries a mandatory consecutive term of two years in prison.

“Criminal activity originating from Iran poses a grave threat to America’s national security and economic stability,” said Attorney General Merrick B. Garland in a statement.

“These defendants are alleged to have engaged in a coordinated, multi-year hacking campaign from Iran targeting more than a dozen American companies and the U.S. Treasury and State Departments.”

The development comes amid geopolitical tensions in the Middle East after an Israeli air strike bombed Iran’s embassy in Syria, prompting the latter to launch a drone-and-missile attack on Israel, which, in turn, led to an Israeli missile strike hitting an air defense radar system near Isfahan.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.


Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket